Bibou le forum
Security portal
[solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!"

4 participants
°sof°
Subject: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!" (Fri 4 Dec 2009 - 19:37)

So, here's my problem... I think I caught a virus from a computer at my university via my USB key yesterday. I noticed this morning that my internet toolbar showed "// ;) anna I Liebe You ==> MILK@3I_!!!"

But Avast didn't detect it, so I ran an infection scan with Avast, and it still wasn't detected.
So, looking around your forum, I came across the topic "procedure to follow before posting" in the "Disinfection help" section. I did the first step with TFC and have now started step 2 with Malwarebytes Anti-Malware ... it has been running for 56 min and still hasn't found any infected files...

So, not being good with computers, I would greatly appreciate your expert advice, because my PC is fundamental to my survival!

In case it's useful information, it's an HP laptop.

Thanks!

Edit:

and the Malwarebytes' report, in case it's useful:

Quote:
Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3289
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18828

04/12/2009 20:02:50
mbam-log-2009-12-04 (20-02-50).txt

Type de recherche: Examen complet (C:\|D:\|F:\|)
Eléments examinés: 230295
Temps écoulé: 1 hour(s), 25 minute(s), 4 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
GrosBébé
Moderator
Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!" (Fri 4 Dec 2009 - 20:31)

Hi again

°sof° wrote:
my PC is fundamental to my survival!

I know what you mean lol

OK, waiting for the rest of the reports
°sof°
Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!" (Fri 4 Dec 2009 - 20:55)

^^

Uhh, I'm stuck with RSIT ...
GrosBébé
Moderator
Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!" (Fri 4 Dec 2009 - 21:42)

Instead of RSIT, try OTL


  • Click here to download OTL (by Old Timer) to your desktop
  • Close all your windows, then double-click OTL.exe to launch it.
  • Check Lop Check and Purity check
  • Under Custom Scans (at the bottom), copy/paste this

    %SYSTEMDRIVE%\*.*
    %SYSTEMDRIVE%\*.exe
    %PROGRAMFILES%\*.*
    %PROGRAMFILES%\*.
    msconfig
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    CREATERESTOREPOINT


  • Click the Run Scan button at the top left, then wait a few moments.

  • At the end of the scan, two reports will open (OTL.Txt and Extras.Txt). Copy/paste all of the reports here.

    PS: The reports are also saved on the desktop


The reports are long, so put one report per post, i.e. 2 posts for OTL.
°sof°
Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!" (Fri 4 Dec 2009 - 21:55)

Thanks a lot!

The first report: "Extras.Txt"

OTL Extras logfile created on: 04/12/2009 21:47:19 - Run 1
OTL by OldTimer - Version 3.1.11.5 Folder = D:\Téléchargement
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,93 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 56,70% Memory free
4,00 Gb Paging File | 3,03 Gb Available in Paging File | 75,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 21,93 Gb Free Space | 44,91% Space Free | Partition Type: NTFS
Drive D: | 76,69 Gb Total Space | 71,33 Gb Free Space | 93,01% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-SOF
Current User Name: sOf
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- "%SystemRoot%\hh.exe" %1
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1332893076-1427902337-4189914912-1004]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03614F87-08F8-4F0B-9481-B6D901423E79}" = rport=445 | protocol=6 | dir=out | app=system |
"{2BBCD623-188B-4E5A-8974-6FC472BC5A37}" = lport=2869 | protocol=6 | dir=in | app=system |
"{40E10484-61C2-49D4-990B-13DC0950ACD2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{49836BA0-F6A9-4AA1-8355-75739E40250C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{625D00F9-F8A8-4531-9710-77F1E60AC37D}" = lport=139 | protocol=6 | dir=in | app=system |
"{656EEB3A-3DD2-407B-A849-01FB8C356BBF}" = lport=138 | protocol=17 | dir=in | app=system |
"{805119D3-446C-4916-9096-4F46D74407F4}" = lport=445 | protocol=6 | dir=in | app=system |
"{88ABAE91-8958-4D27-B910-1E1FEADAD3F9}" = rport=139 | protocol=6 | dir=out | app=system |
"{94BA6E72-6C8E-419E-8EBF-0AD0B42287FF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DCA3DAF1-663E-49DE-83CC-11444471D715}" = lport=137 | protocol=17 | dir=in | app=system |
"{DCAE86E1-1B66-4FBA-A36A-7660F3FFC0A9}" = rport=137 | protocol=17 | dir=out | app=system |
"{E1309B12-22A4-4A58-8521-FE3ECBDCA6EC}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4F0D6B43-D231-4340-946B-5F06A64EACBB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{7FCAA927-1EF5-429C-9922-6A9D2CFCFBDD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8E4CAB88-B2AD-4024-B223-D5A2F9EE5E7A}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{BE10DE33-52EB-4BBF-BF3F-0A61EE6BEEEC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{DABD83EE-4C50-4AE3-97A0-73B99959AAFE}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{E832D66A-DFE3-408A-B9F6-015127A9D851}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{EE8C00E1-41B8-4685-905C-ED9B1E6F382C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"TCP Query User{57D11754-78D0-469B-9ABD-D8F692EEA26C}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{09D3E93D-04C9-437A-BCB7-452C1904FD7C}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1
"{154E4F71-DFC0-4B31-8D99-F97615031B02}" = HP Webcam Application
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{30A2A953-DEB1-466A-B660-F4399C7C6B9D}" = Roxio MyDVD
"{31216452-5540-4C96-B754-94890A63D5AB}" = HP Help and Support
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 D3
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{45A136EC-88BF-4B95-99F5-C45D3930E1CC}" = HP MULTIPLE MODEM INSTALLER for VISTA
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{4EF8BE6A-899C-4196-94E7-297C5F7A203E}" = pdfforge Toolbar v1.1
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}" = HP Active Support Library
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{8595812B-9104-4196-B629-FD298D819399}" = HP User Guides 0097
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel®️ Matrix Storage Manager
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{983980FC-66FB-4ECC-A5D8-4565BE217733}" = SCR3xxx Smart Card Reader
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{AC194855-F7AC-4D04-B4C9-07BA46FCB697}" = ActivClient 6.1 x86
"{AC76BA86-7AD7-1036-7B44-A92000000001}" = Adobe Reader 9.2 - Français
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E44FFEA5-177E-4C5C-9EE1-33C8E3F2755B}" = HP 3D DriveGuard
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Business v10
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{FECEF9D2-9D3D-449B-9EA4-CFA775C99460}" = AuthenTec Fingerprint System
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Audacity_is1" = Audacity 1.2.6
"avast!" = avast! Antivirus
"BitTorrent" = BitTorrent
"Broadcom 802.11b Network Adapter" = Carte réseau local sans fil 802.11 Broadcom
"Dia" = Dia (supprimer uniquement)
"FileZilla Client" = FileZilla Client 3.2.6
"GanttProject" = GanttProject
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.11)" = Mozilla Firefox (3.0.11)
"Mozilla Sunbird (0.9)" = Mozilla Sunbird (0.9)
"Mozilla Thunderbird (2.0.0.22)" = Mozilla Thunderbird (2.0.0.22)
"PDF Complete" = PDF Complete
"RealPlayer 6.0" = RealPlayer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 0.9.9
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinLiveSuite_Wave3" = Installation Windows Live

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 06/10/2009 17:40:15 | Computer Name = PC-de-sOf | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Windows\System32\conime.exe failed, 00000005.

[ Application Events ]
Error - 06/10/2009 11:32:24 | Computer Name = PC-de-sOf | Source = ESENT | ID = 215
Description = WinMail (4036) WindowsMail0: La sauvegarde a été arrêtée car elle
a été interrompue par le client ou la connexion avec le client a échoué.

Error - 06/10/2009 12:13:46 | Computer Name = PC-de-sOf | Source = Application Error | ID = 1000
Description = Application défaillante SynTPEnh.exe, version 11.0.7.0, horodatage
0x47ec49d3, module défaillant SynTPEnh.exe, version 11.0.7.0, horodatage 0x47ec49d3,
code d’exception 0xc0000409, décalage d’erreur 0x0002bc4c, ID du processus 0x98c,
heure de début de l’application 0x01ca469a3663fa0f.

Error - 06/10/2009 17:36:18 | Computer Name = PC-de-sOf | Source = Application Error | ID = 1000
Description = Application défaillante msnmsgr.exe, version 14.0.8064.206, horodatage
0x498cf586, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000,
code d’exception 0xc0000005, décalage d’erreur 0x00000000, ID du processus 0x1150,
heure de début de l’application 0x01ca469fca093590.

[ System Events ]
Error - 04/11/2009 17:47:15 | Computer Name = PC-de-sOf | Source = Microsoft-Windows-TBS | ID = 516
Description =

Error - 05/11/2009 16:18:49 | Computer Name = PC-de-sOf | Source = Microsoft-Windows-TBS | ID = 516
Description =

Error - 13/11/2009 12:40:13 | Computer Name = PC-de-sOf | Source = Microsoft-Windows-TBS | ID = 516
Description =

Error - 14/11/2009 09:11:52 | Computer Name = PC-de-sOf | Source = Microsoft-Windows-TBS | ID = 516
Description =

Error - 15/11/2009 06:59:13 | Computer Name = PC-de-sOf | Source = Microsoft-Windows-TBS | ID = 516
Description =

Error - 17/11/2009 03:45:39 | Computer Name = PC-de-sOf | Source = DCOM | ID = 10010
Description =

Error - 19/11/2009 05:09:14 | Computer Name = PC-de-sOf | Source = Microsoft-Windows-TBS | ID = 516
Description =

Error - 29/11/2009 06:27:11 | Computer Name = PC-de-sOf | Source = Microsoft-Windows-TBS | ID = 516
Description =

Error - 04/12/2009 12:50:28 | Computer Name = PC-de-sOf | Source = Microsoft-Windows-TBS | ID = 516
Description =

Error - 04/12/2009 13:29:34 | Computer Name = PC-de-sOf | Source = Service Control Manager | ID = 7034
Description =


< End of report >
°sof°
Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!" (Fri 4 Dec 2009 - 21:56)

The second: "OTL.Txt"

OTL logfile created on: 04/12/2009 21:47:19 - Run 1
OTL by OldTimer - Version 3.1.11.5 Folder = D:\Téléchargement
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,93 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 56,70% Memory free
4,00 Gb Paging File | 3,03 Gb Available in Paging File | 75,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 21,93 Gb Free Space | 44,91% Space Free | Partition Type: NTFS
Drive D: | 76,69 Gb Total Space | 71,33 Gb Free Space | 93,01% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-SOF
Current User Name: sOf
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/12/04 21:46:07 | 00,535,552 | ---- | M] (OldTimer Tools) -- D:\Téléchargement\OTL.exe
PRC - [2009/11/25 00:51:40 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/25 00:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/25 00:51:21 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/25 00:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/25 00:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/07/30 13:08:56 | 00,386,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jucheck.exe
PRC - [2009/07/30 13:08:56 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/07/03 12:00:06 | 00,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/04/23 05:48:56 | 07,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/04/23 05:48:54 | 07,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009/04/10 22:27:38 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/06/16 07:02:28 | 00,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
PRC - [2008/06/04 18:27:04 | 00,150,040 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
PRC - [2008/06/04 18:27:02 | 00,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2008/06/04 18:26:58 | 00,141,848 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2008/06/04 18:26:50 | 00,170,520 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2008/05/09 15:09:08 | 01,168,632 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe
PRC - [2008/04/18 14:54:02 | 00,354,840 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2008/04/18 14:53:58 | 00,178,712 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
PRC - [2008/04/16 07:18:34 | 00,165,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
PRC - [2008/04/15 13:51:00 | 00,488,752 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
PRC - [2008/04/14 05:39:34 | 00,576,536 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe
PRC - [2008/04/11 08:04:54 | 00,685,360 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
PRC - [2008/04/07 17:13:38 | 00,024,936 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\hpservice.exe
PRC - [2008/04/04 16:10:24 | 01,314,816 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2008/03/31 13:41:54 | 00,177,456 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
PRC - [2008/03/31 13:41:22 | 00,091,440 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
PRC - [2008/03/27 20:06:04 | 00,095,528 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
PRC - [2008/03/27 20:05:58 | 01,045,800 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2008/03/17 17:07:02 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2008/01/18 22:38:40 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/12/11 11:15:04 | 00,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007/10/19 08:28:24 | 00,086,016 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2007/09/26 06:34:40 | 00,316,720 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
PRC - [2007/05/15 15:08:40 | 00,182,576 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accoca.exe
PRC - [2007/05/15 15:08:38 | 00,095,024 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\acevents.exe
PRC - [2007/05/15 15:08:08 | 00,293,168 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
PRC - [2007/05/08 15:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe


========== Modules (SafeList) ==========

MOD - [2009/12/04 21:46:07 | 00,535,552 | ---- | M] (OldTimer Tools) -- D:\Téléchargement\OTL.exe
MOD - [2009/04/10 22:21:40 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/11/25 00:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/25 00:51:21 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/25 00:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/25 00:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/09/25 02:27:04 | 00,793,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2008/06/16 07:02:28 | 00,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service)
SRV - [2008/05/09 15:09:08 | 01,168,632 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2008/04/18 14:54:02 | 00,354,840 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
SRV - [2008/04/16 07:18:34 | 00,165,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex)
SRV - [2008/04/14 05:39:34 | 00,576,536 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2008/04/08 13:12:50 | 01,112,560 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2008/04/07 17:13:38 | 00,024,936 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\hpservice.exe -- (hpsrv)
SRV - [2008/03/24 06:35:22 | 00,074,384 | R--- | M] (MicroVision Development, Inc.) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2008/03/17 17:07:02 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2008/01/18 22:38:26 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/12/11 11:15:04 | 00,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007/10/19 08:28:24 | 00,086,016 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2007/05/15 15:08:40 | 00,182,576 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)
SRV - [2004/10/22 02:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2009/11/25 00:50:12 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/11/25 00:50:00 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/25 00:49:48 | 00,053,328 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2009/11/25 00:49:07 | 00,048,560 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/11/25 00:48:57 | 00,023,120 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/03/27 05:48:22 | 01,810,992 | ---- | M] () -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008/11/21 20:53:40 | 01,204,128 | ---- | M] (Agere Systems) -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/11/17 14:40:22 | 03,668,480 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008/05/20 21:58:02 | 02,360,832 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/05/13 07:30:34 | 00,475,520 | ---- | M] (AuthenTec, Inc.) -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2008/04/15 18:53:44 | 00,312,344 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2008/04/11 15:38:44 | 00,382,464 | ---- | M] (Analog Devices, Inc.) -- C:\Windows\System32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2008/04/08 04:00:00 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/04/07 17:13:46 | 00,025,448 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008/04/07 17:13:42 | 00,034,664 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008/03/27 20:06:00 | 00,199,472 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2008/01/18 22:42:14 | 00,045,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tpm.sys -- (TPM) Module de plateforme sécurisée (TPM)
DRV - [2008/01/18 19:25:06 | 00,179,712 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2006/11/02 10:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 10:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 10:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 10:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 10:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 10:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 10:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 10:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 10:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 10:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 10:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 10:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 10:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 10:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 10:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 10:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 10:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 10:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 10:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 08:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/11/02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2006/06/28 09:54:00 | 00,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 05 E1 D7 8B E7 FB C9 01 [binary data]
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/20 17:07:19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/17 18:02:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.9\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2009/07/03 12:16:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.9\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/07/03 15:44:00 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2009/07/08 10:37:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/07/03 16:58:29 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[2009/07/03 16:58:29 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\search@searchsettings.com
[2006/09/10 12:35:08 | 00,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2008/09/28 08:10:26 | 00,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2006/09/10 12:35:08 | 00,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2008/03/29 14:59:44 | 00,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2006/09/12 19:49:04 | 00,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/12/03 14:29:27 | 00,000,102 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{a30fef1a-6bbb-11de-aaac-00247e3fae3d}\Shell - "" = AutoRun
O33 - MountPoints2\{a30fef1a-6bbb-11de-aaac-00247e3fae3d}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

OTL cannot create restorepoints on Vista OSs!

========== Files/Folders - Created Within 30 Days ==========

[2009/12/04 20:49:13 | 00,000,000 | ---D | C] -- C:\Program Files\trend micro
[2009/12/04 20:49:13 | 00,000,000 | ---D | C] -- C:\rsit
[2009/12/04 20:49:13 | 00,000,000 | ---D | C] -- \rsit
[2009/12/04 18:35:36 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/12/04 18:35:33 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/12/04 18:35:33 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/12/04 18:35:33 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/11/28 17:59:33 | 00,000,000 | ---D | C] -- C:\Users\sOf\.thumbnails
[2009/11/26 10:13:26 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2009/11/25 12:00:25 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2009/11/17 08:51:46 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2009/11/17 01:10:35 | 03,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2009/11/17 01:10:35 | 01,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2009/11/17 01:10:35 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2009/11/17 01:10:12 | 00,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2009/11/17 01:10:12 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2009/11/17 01:10:11 | 00,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2009/11/17 01:10:11 | 00,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2009/11/17 01:10:11 | 00,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2009/11/17 01:10:11 | 00,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2009/11/17 01:10:11 | 00,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2009/11/17 01:10:11 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2009/11/17 01:10:11 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2009/11/17 01:10:11 | 00,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2009/11/17 01:10:11 | 00,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2009/11/17 01:10:11 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2009/11/17 01:10:11 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2009/11/17 01:10:10 | 01,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2009/11/17 01:10:10 | 01,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2009/11/17 01:10:10 | 01,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2009/11/17 01:10:10 | 00,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2009/11/17 01:10:10 | 00,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2009/11/17 01:10:10 | 00,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2009/11/17 01:10:10 | 00,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2009/11/17 01:10:10 | 00,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2009/11/17 01:10:10 | 00,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2009/11/17 01:10:10 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2009/11/17 01:10:10 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2009/11/17 01:10:10 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2009/11/17 01:09:45 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2009/11/17 01:09:45 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2009/11/17 01:09:44 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2009/11/17 01:09:42 | 00,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2009/11/17 01:09:42 | 00,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2009/11/17 01:09:42 | 00,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2009/11/17 01:09:42 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2009/11/17 01:09:42 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2009/11/17 01:09:42 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2009/11/17 01:08:48 | 00,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2009/11/17 01:08:48 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2009/11/13 10:32:34 | 02,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2009/11/13 10:32:34 | 00,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2009/11/13 10:32:17 | 00,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2009/11/13 10:32:17 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2009/11/13 10:32:17 | 00,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2009/11/13 10:32:11 | 00,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2009/11/13 10:32:11 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2009/11/12 11:56:58 | 02,036,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2009/11/12 11:56:55 | 00,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2009/07/01 18:46:11 | 00,180,224 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2009/03/27 05:47:16 | 00,195,120 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll

========== Files - Modified Within 30 Days ==========

[2009/12/04 21:47:26 | 01,835,008 | -HS- | M] () -- C:\Users\sOf\ntuser.dat
[2009/12/04 20:52:08 | 01,470,810 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/12/04 20:52:08 | 00,669,566 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2009/12/04 20:52:08 | 00,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/12/04 20:52:08 | 00,123,556 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2009/12/04 20:52:08 | 00,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/12/04 20:44:24 | 00,003,600 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/12/04 20:44:24 | 00,003,600 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/12/04 20:44:22 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/12/04 20:44:16 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/12/04 20:43:52 | 20,722,64704 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/04 20:42:48 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2009/12/04 20:42:42 | 00,524,288 | -HS- | M] () -- C:\Users\sOf\ntuser.dat{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000001.regtrans-ms
[2009/12/04 20:42:42 | 00,065,536 | -HS- | M] () -- C:\Users\sOf\ntuser.dat{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TM.blf
[2009/12/04 18:35:38 | 00,000,823 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/11/28 18:04:20 | 00,001,538 | ---- | M] () -- C:\Users\sOf\.recently-used.xbel
[2009/11/28 01:14:41 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2009/11/25 00:54:29 | 01,280,480 | ---- | M] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2009/11/25 00:50:12 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2009/11/25 00:50:00 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2009/11/25 00:49:48 | 00,053,328 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2009/11/25 00:49:07 | 00,048,560 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2009/11/25 00:48:57 | 00,023,120 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2009/11/25 00:47:28 | 00,097,480 | ---- | M] (ALWIL Software) -- C:\Windows\System32\AvastSS.scr
[2009/11/17 08:43:38 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2009/11/17 08:43:32 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009/11/13 10:40:11 | 00,285,728 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2009/12/04 18:35:38 | 00,000,823 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/28 18:04:20 | 00,001,538 | ---- | C] () -- C:\Users\sOf\.recently-used.xbel
[2009/11/17 08:43:38 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2009/11/17 08:43:32 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009/10/06 17:23:43 | 20,722,64704 | -HS- | C] () --
[2009/07/03 16:27:54 | 00,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2009/07/03 15:02:47 | 00,000,450 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/07/03 11:26:47 | 00,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2009/07/03 11:26:47 | 00,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2009/07/03 11:26:47 | 00,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2009/07/03 11:26:47 | 00,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2009/07/03 11:26:47 | 00,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2009/07/03 11:26:47 | 00,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2009/07/02 20:03:28 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/07/01 19:09:29 | 00,333,257 | RHS- | C] () -- \bootmgr
[2009/07/01 18:46:10 | 00,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2009/07/01 18:45:37 | 00,000,571 | ---- | C] () -- C:\Windows\HBCIKRNL.INI
[2009/07/01 18:40:30 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1488.dll
[2009/07/01 18:39:45 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009/07/01 18:22:33 | 23,859,89632 | -HS- | C] () --
[2009/03/27 05:48:22 | 01,810,992 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2009/03/27 05:48:12 | 00,034,096 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2006/11/02 11:23:09 | 00,000,024 | ---- | C] () -- \autoexec.bat
[2006/11/02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 07:25:08 | 00,000,010 | ---- | C] () -- \config.sys
[2005/04/04 04:30:00 | 00,110,592 | ---- | C] () -- C:\Windows\System32\scardsyn.dll
[1998/05/07 09:10:00 | 00,069,632 | ---- | C] () -- C:\Windows\System32\ODMA32.dll

========== LOP Check ==========

[2009/12/04 20:42:48 | 00,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2006/09/18 22:43:36 | 00,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/10 22:36:38 | 00,333,257 | RHS- | M] () -- C:\bootmgr
[2006/09/18 22:43:37 | 00,000,010 | ---- | M] () -- C:\config.sys
[2009/12/04 20:43:52 | 20,722,64704 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/04 20:43:51 | 23,859,89632 | -HS- | M] () -- C:\pagefile.sys

< %SYSTEMDRIVE%\*.exe >

< %PROGRAMFILES%\*.* >
[2009/07/01 22:01:20 | 00,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %PROGRAMFILES%\*. >
[2009/07/09 15:04:53 | 00,000,000 | ---D | M] -- C:\Program Files\7-Zip
[2009/07/01 19:13:19 | 00,000,000 | ---D | M] -- C:\Program Files\ActivIdentity
[2009/07/30 12:54:57 | 00,000,000 | ---D | M] -- C:\Program Files\Adobe
[2009/07/30 12:53:29 | 00,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2009/07/01 18:42:02 | 00,000,000 | ---D | M] -- C:\Program Files\Analog Devices
[2009/07/30 13:04:02 | 00,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2009/10/20 17:07:26 | 00,000,000 | ---D | M] -- C:\Program Files\Ask.com
[2009/07/30 13:00:40 | 00,000,000 | ---D | M] -- C:\Program Files\Astonsoft
[2009/07/30 13:00:17 | 00,000,000 | ---D | M] -- C:\Program Files\Audacity
[2009/10/20 17:07:15 | 00,000,000 | ---D | M] -- C:\Program Files\BitTorrent
[2009/07/01 18:54:49 | 00,000,000 | ---D | M] -- C:\Program Files\Broadcom
[2009/07/03 13:15:00 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files
[2009/07/03 12:18:21 | 00,000,000 | ---D | M] -- C:\Program Files\Dia
[2009/07/01 18:29:09 | 00,000,000 | -HSD | M] -- C:\Program Files\Fichiers communs
[2009/07/30 12:57:06 | 00,000,000 | ---D | M] -- C:\Program Files\FileZilla FTP Client
[2009/07/02 21:11:17 | 00,000,000 | ---D | M] -- C:\Program Files\Fingerprint Sensor
[2009/07/30 13:01:18 | 00,000,000 | ---D | M] -- C:\Program Files\GanttProject
[2009/07/30 13:01:38 | 00,000,000 | ---D | M] -- C:\Program Files\GIMP-2.0
[2009/07/08 16:53:48 | 00,000,000 | ---D | M] -- C:\Program Files\Google
[2009/07/03 12:15:56 | 00,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2009/07/03 11:33:32 | 00,000,000 | ---D | M] -- C:\Program Files\HP
[2009/07/03 11:35:22 | 00,000,000 | ---D | M] -- C:\Program Files\HP Webcam Application
[2009/07/03 12:18:35 | 00,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2009/07/01 18:44:53 | 00,000,000 | ---D | M] -- C:\Program Files\Intel
[2009/11/04 09:48:19 | 00,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2009/07/03 11:26:31 | 00,000,000 | ---D | M] -- C:\Program Files\InterVideo
[2009/07/30 13:08:53 | 00,000,000 | ---D | M] -- C:\Program Files\Java
[2009/07/30 13:11:13 | 00,000,000 | ---D | M] -- C:\Program Files\JRE
[2009/07/01 20:50:21 | 00,000,000 | ---D | M] -- C:\Program Files\LSI SoftModem
[2009/12/04 18:35:40 | 00,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/11/10 19:35:27 | 00,000,000 | ---D | M] -- C:\Program Files\Messenger Plus! Live
[2009/10/07 10:09:25 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2009/10/07 14:10:25 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/10/07 10:10:19 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2009/07/02 20:16:41 | 00,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2009/07/09 15:21:02 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009/07/08 14:15:08 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Sunbird
[2009/07/08 14:15:08 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Thunderbird
[2006/11/02 13:37:40 | 00,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2009/07/03 17:31:36 | 00,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2009/07/30 13:11:10 | 00,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 3
[2009/07/03 11:34:59 | 00,000,000 | ---D | M] -- C:\Program Files\PDF Complete
[2009/07/03 16:58:42 | 00,000,000 | ---D | M] -- C:\Program Files\PDFCreator
[2009/07/03 16:58:30 | 00,000,000 | ---D | M] -- C:\Program Files\pdfforge Toolbar
[2009/07/30 13:04:53 | 00,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2009/07/03 12:00:08 | 00,000,000 | ---D | M] -- C:\Program Files\Real
[2006/11/02 13:37:40 | 00,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2009/07/08 10:39:56 | 00,000,000 | ---D | M] -- C:\Program Files\Roxio
[2009/07/01 18:45:26 | 00,000,000 | ---D | M] -- C:\Program Files\SCM Microsystems
[2009/07/01 18:39:58 | 00,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2009/07/03 12:15:08 | 00,000,000 | ---D | M] -- C:\Program Files\Toucan
[2009/12/04 21:26:08 | 00,000,000 | ---D | M] -- C:\Program Files\trend micro
[2006/11/02 14:01:28 | 00,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/07/30 13:07:03 | 00,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2009/07/02 20:16:41 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2009/07/02 20:16:41 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2009/07/02 20:16:39 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2009/07/02 20:16:41 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2009/10/07 10:11:03 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2009/07/30 13:13:40 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2009/11/13 10:34:55 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2009/11/04 09:48:07 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2009/07/01 18:29:09 | 00,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/07/02 20:16:40 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2009/11/17 08:51:46 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2009/07/02 20:16:41 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2009-12-04 19:42:06

< >

< >
< End of report >

GrosBébé
Moderators

Male
Number of posts: 6878
Age: 43
Location: in front of the PC
Registration date: 18/12/2007

Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!"   Sat 5 Dec 2009 - 9:01

Hi °Sof°

So, we are going to uninstall a few programs, delete a few folders, and run an additional scan with another tool.


Step 1

Please uninstall the following programs:

Ask Toolbar
pdfforge Toolbar v1.1 (this one comes bundled with a nasty)


Step 2

Run OTL again

  • In the Custom Scans/Fixes box at the bottom, paste the contents of the box below:

    Quote:
    :OTL
    IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
    [2009/07/03 16:58:29 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}
    [2009/07/03 16:58:29 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\search@searchsettings.com
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll (Spigot, Inc.)
    O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
    O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
    O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll (Spigot, Inc.)
    O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
    O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
    O4 - HKLM..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe (Spigot, Inc.)
    O32 - AutoRun File - [2009/12/03 14:29:27 | 00,000,102 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
    O33 - MountPoints2\{a30fef1a-6bbb-11de-aaac-00247e3fae3d}\Shell - "" = AutoRun
    O33 - MountPoints2\{a30fef1a-6bbb-11de-aaac-00247e3fae3d}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
    [2009/10/20 17:07:26 | 00,000,000 | ---D | M] -- C:\Program Files\Ask.com
    [2009/07/03 16:58:30 | 00,000,000 | ---D | M] -- C:\Program Files\pdfforge Toolbar

    :Commands
    [purity]
    [emptytemp]
    Then click the Run Fix button at the top.
  • Let OTL run; the PC will reboot.
  • After the reboot, a new report will open; please copy/paste its contents here



Step 3

Usbfix: go to this page to download usbfix: http://pagesperso-orange.fr/nostools/tuto_usbfix2.html
Plug in all your USB devices (flash drive, MP3 player, external hard drive, etc.) without opening them.
Then launch usbfix and choose option 1, "recherche" (search)
Please copy/paste the report you get.


Step 4

Please copy/paste the OTL and UsbFix reports in your next reply


See you later

°sof°
Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!"   Sat 5 Dec 2009 - 12:45

OTL did not work as planned; when my computer restarted I got a message from Windows Defender saying
"échec de l'initialisation de l'application: 0x800106ba. Un problème a provoqué l'arrêt du service de ce programme. Pour démarrer le service, redémarrez votre ordinateur ou recherchez dans le Centre d'aide et de support la méthode de démarrage manuel"

I rebooted twice, there is nothing left on my Desktop, half of my programs have disappeared; OpenOffice Writer, Paint, ... among others are no longer there!!

edit > so, should I do a Vista restore?

GrosBébé
Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!"   Sat 5 Dec 2009 - 13:19

Which PC are you replying from?

°sof° wrote:
I rebooted twice, there is nothing left on my Desktop, half of my programs have disappeared; OpenOffice Writer, Paint, ... among others are no longer there!!
Is it the programs, or all the desktop icons, that have disappeared?

°sof°
Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!"   Sat 5 Dec 2009 - 13:31

I am replying from the same PC (I don't know by what miracle, the internet works just fine! xD).
I think it really is the programs that have disappeared ...
when I go to "Control Panel" > "Programs and Features", lots of programs are missing.

GrosBébé
Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!"   Sat 5 Dec 2009 - 13:44

I think I know what happened ...

Could you please look in this folder
C:\_OTL\MovedFiles
and copy/paste the contents of the log file you find there.

°sof°
Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!"   Sat 5 Dec 2009 - 13:57

I can't find that folder ... xD

but this just opened by itself:

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ not found.
File C:\Program Files\pdfforge Toolbar\SearchSettings.dll not found.
Folder C:\Program Files\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.
Folder C:\Program Files\mozilla firefox\extensions\search@searchsettings.com\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.
File C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ not found.
File C:\Program Files\pdfforge Toolbar\SearchSettings.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.
File C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings not found.
File C:\Program Files\pdfforge Toolbar\SearchSettings.exe not found.
D:\autorun.inf moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a30fef1a-6bbb-11de-aaac-00247e3fae3d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a30fef1a-6bbb-11de-aaac-00247e3fae3d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a30fef1a-6bbb-11de-aaac-00247e3fae3d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a30fef1a-6bbb-11de-aaac-00247e3fae3d}\ not found.
File G:\LaunchU3.exe not found.
Folder C:\Program Files\Ask.com\ not found.
Folder C:\Program Files\pdfforge Toolbar\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users
->Temporary Internet Files folder emptied: 171036468 bytes

User: Default
->Temporary Internet Files folder emptied: 14770216 bytes

User: Default User
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temporary Internet Files folder emptied: 76407613 bytes

User: sOf
->Temporary Internet Files folder emptied: 633533217 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 752 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 854,25 mb


OTL by OldTimer - Version 3.1.11.5 log created on 12052009_121909

Files\Folders moved on Reboot...
File\Folder C:\Users\All Users\Microsoft\Windows Defender\Support\MPLog-11022006-050253.log not found!
File\Folder C:\Users\All Users\Microsoft\Windows Defender\Definition Updates\{75EA3C40-95DE-4BCD-B697-03DA6610668D}\mpengine.dll not found!
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.ci scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.dir scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.ci scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.dir scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wid scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.ci scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.dir scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.ci scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.dir scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wid scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.ci scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.dir scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.wid scheduled to be moved on reboot.
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.ci not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.dir not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.wid not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.wsb not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.ci not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.dir not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.wid not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010012.ci not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010012.dir not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010012.wid not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010013.ci not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010013.dir not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010013.wid not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010014.ci not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010014.dir not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010014.wid not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010015.ci not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010015.dir not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010015.wid not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010016.ci not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010016.dir not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010016.wid not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010017.ci not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010017.dir not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010017.wid not found!
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy3.gthr scheduled to be moved on reboot.
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.48.Crwl not found!
File\Folder C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.48.gthr not found!
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\MSS.log scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\MSStmp.log scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\tmp.edb scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Windows.edb scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Network\Downloader\qmgr0.dat scheduled to be moved on reboot.
File move failed. C:\Users\All Users\Microsoft\Network\Downloader\qmgr1.dat scheduled to be moved on reboot.
File move failed. C:\Users\sOf\AppData\Local\Microsoft\Windows Sidebar\Settings.ini scheduled to be moved on reboot.
File move failed. C:\Users\sOf\AppData\Local\Microsoft\Windows\UsrClass.dat scheduled to be moved on reboot.
File move failed. C:\Users\sOf\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 scheduled to be moved on reboot.
File move failed. C:\Users\sOf\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 scheduled to be moved on reboot.
File move failed. C:\Users\sOf\AppData\Local\Microsoft\Windows\UsrClass.dat{3388dda4-b284-11de-97ca-8d75871e8274}.TM.blf scheduled to be moved on reboot.
File move failed. C:\Users\sOf\AppData\Local\Microsoft\Windows\UsrClass.dat{3388dda4-b284-11de-97ca-8d75871e8274}.TMContainer00000000000000000001.regtrans-ms scheduled to be moved on reboot.
File move failed. C:\Users\sOf\AppData\Local\Microsoft\Windows\UsrClass.dat{3388dda4-b284-11de-97ca-8d75871e8274}.TMContainer00000000000000000002.regtrans-ms scheduled to be moved on reboot.
File move failed. C:\Users\sOf\ntuser.dat scheduled to be moved on reboot.
File move failed. C:\Users\sOf\ntuser.dat.LOG1 scheduled to be moved on reboot.
File move failed. C:\Users\sOf\ntuser.dat.LOG2 scheduled to be moved on reboot.
File move failed. C:\Users\sOf\ntuser.dat{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TM.blf scheduled to be moved on reboot.
File move failed. C:\Users\sOf\ntuser.dat{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000001.regtrans-ms scheduled to be moved on reboot.
File move failed. C:\Users\sOf\ntuser.dat{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000002.regtrans-ms scheduled to be moved on reboot.
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

GrosBébé
Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!"   Sat 5 Dec 2009 - 14:07

...
I know what happened, I would just like confirmation. Actually, I am hoping for the opposite of a confirmation ...


  • Close all your windows, then double-click OTL.exe to launch OTL.
  • Under Custom Scans (at the bottom), copy/paste this

    hklm\software\microsoft\windows\currentversion\explorer\shell folders
    hkcu\software\microsoft\windows\currentversion\explorer\shell folders
    hklm\SYSTEM\CurrentControlSet\Control\Session Manager\Environment
    set /c


  • Click the Run Scan button at the top left, then wait a few moments.
  • When the scan finishes, please post the report ...

°sof°
Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!"   Sat 5 Dec 2009 - 14:30

I ran it twice; it does the scan and then it says the program is not responding ...

GrosBébé
Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!"   Sat 5 Dec 2009 - 14:45

Try it this way


  • Close all your windows, then double-click OTL.exe to launch OTL.
  • Click None
  • Under Custom Scans (at the bottom), copy/paste this

    hklm\software\microsoft\windows\currentversion\explorer\shell folders
    hkcu\software\microsoft\windows\currentversion\explorer\shell folders
    hklm\SYSTEM\CurrentControlSet\Control\Session Manager\Environment
    set /c


  • Click the Run Scan button at the top left, then wait a few moments.
  • When the scan finishes, please post the report ...

°sof°
Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!"   Sat 5 Dec 2009 - 14:56

Same thing, the program is not responding ...

And wouldn't doing a Windows Vista restore put things back in place?

GrosBébé
Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!"   Sat 5 Dec 2009 - 15:19

Click here to download SystemLook (by jpshortstuff) to your desktop (alternate link)

  • Double-click SystemLook to launch it
  • Copy the text in the box below and paste it into the SystemLook text window.
    Quote:
    :reg
    hklm\software\microsoft\windows\currentversion\explorer\shell folders
    hkcu\software\microsoft\windows\currentversion\explorer\shell folders
    hklm\SYSTEM\CurrentControlSet\Control\Session Manager\Environment
  • Click the Look button to start the scan
  • When it finishes, post the report that appears in Notepad (the report is also here on your desktop under the name SystemLook.txt)

It should take a few seconds

°sof°
Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!"   Sat 5 Dec 2009 - 15:32

That does not work either; as soon as I click Look it shows "system querying tool (or something like that) has stopped working"...

GrosBébé
Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!"   Sat 5 Dec 2009 - 15:42

°sof° wrote:
And wouldn't doing a Windows Vista restore put things back in place?

Well ...
I am truly sorry, but there is nothing I can do to fix what happened; it seems to be due to a bad Windows setting. Because of that bad setting, OTL got confused and deleted more than it should have, including files belonging to Windows and to your programs ... I am even surprised that you can still log in to Windows.


You can try running a restore, but the damage is done and you will not be able to recover everything ...
Give it a try anyway, but I think you are going to have to format (well, you are not there yet)

I am truly sorry about what happened.
Do try asking on another forum for a second opinion, preferably this one: http://forum.zebulon.fr/analyse-rapports-hijackthis-eradication-malwares-f51.html
After all, I could be wrong ...
But I cannot undo what has been done.
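
Added example (not part of the original thread, and not OTL's own code): a Python check that reads the "Files\Folders moved on Reboot..." section of a fix log like the one posted above and lists every entry lying outside a temp directory, the sign that the cleanup reached beyond temp files as the post above describes. The temp-directory names and the category labels are assumptions of this example.

```python
import re
from pathlib import PureWindowsPath

# Sample input: lines copied from the fix log posted in this thread, shortened.
SAMPLE_LOG = r"""
Files\Folders moved on Reboot...
File\Folder C:\Users\All Users\Microsoft\Windows Defender\Definition Updates\{75EA3C40-95DE-4BCD-B697-03DA6610668D}\mpengine.dll not found!
File move failed. C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Windows.edb scheduled to be moved on reboot.
File move failed. C:\Users\sOf\ntuser.dat scheduled to be moved on reboot.
File move failed. C:\Users\sOf\AppData\Local\Microsoft\Windows\UsrClass.dat scheduled to be moved on reboot.
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
"""

SECTION_START = "Files\\Folders moved on Reboot"
SECTION_END = "Registry entries deleted on Reboot"

# The two entry shapes that appear in that section of the log.
ENTRY_RE = re.compile(
    r"^(?:File move failed\. (?P<scheduled>.+?) scheduled to be moved on reboot\."
    r"|File\\Folder (?P<notfound>.+?) not found!)$"
)

# Assumption of this example: directory names that count as temp locations.
TEMP_DIRS = {"temp", "tmp", "temporary internet files"}
# Per-user registry hives and their transaction logs (ntuser.dat*, UsrClass.dat*).
HIVE_RE = re.compile(r"^(ntuser|usrclass)\.dat", re.IGNORECASE)


def parse_reboot_moves(log_text):
    """Yield (path, state) for every entry in the 'moved on Reboot' section."""
    in_section = False
    for raw in log_text.splitlines():
        line = raw.strip()
        if line.startswith(SECTION_START):
            in_section = True
        elif line.startswith(SECTION_END):
            in_section = False
        elif in_section:
            m = ENTRY_RE.match(line)
            if m and m.group("scheduled"):
                yield m.group("scheduled"), "scheduled"
            elif m:
                yield m.group("notfound"), "not-found"


def classify(path):
    """Return 'temp', 'registry-hive' or 'outside-temp' for a Windows path."""
    p = PureWindowsPath(path)
    directories = [part.lower() for part in p.parts[1:-1]]  # drop drive and file name
    if any(d in TEMP_DIRS for d in directories):
        return "temp"
    if HIVE_RE.match(p.name):
        return "registry-hive"
    return "outside-temp"


def audit(log_text):
    """List every entry that a temp-file cleanup should never have touched."""
    findings = []
    for path, state in parse_reboot_moves(log_text):
        category = classify(path)
        if category != "temp":
            findings.append({"path": path, "state": state, "category": category})
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE_LOG):
        print(f"{f['category']:<14} {f['state']:<10} {f['path']}")
```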

°sof°
Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!"   Sat 5 Dec 2009 - 18:27

FYI, I did a Windows Vista restore and everything is back the way it was!
PHEW!
And the "virus" is no longer in my toolbar ... so there you go.

Thanks for your help "GrosBébé", even though you had me do things that made me cry over my computer!

GrosBébé
Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!"   Sat 5 Dec 2009 - 18:35

Wow, go play the lottery, because you got lucky there.
One of my colleagues on another forum was much less lucky: the person he was helping could not even log in to their PC any more, it was toast.


Do you trust me enough to continue? Or would you rather leave it there? (which I would understand)

°sof°
Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!"   Sat 5 Dec 2009 - 19:18

I would rather not try anything else!

GrosBébé
Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!"   Sat 5 Dec 2009 - 21:29

OK, then delete the tools I asked you to install: tfc, otl, rsit, gmer, systemlook ... as well as all the reports you have on the desktop.

And delete these folders
C:\_OTL
C:\rsit

Uninstall Hijackthis


Keep Malwarebytes, it is a good program that I recommend you use regularly, after updating it

Once again, sorry for the inconvenience.

Patdam
Apprentice Helpers

Male
Number of posts: 1077
Age: 61
Location: Savoie
Registration date: 15/11/2009

Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!"   Sat 5 Dec 2009 - 22:17

Good evening GrosBébé

I apologise for stepping into this thread; I would have liked to contact you by PM, but apparently I don't have the right to yet. Can you fix that?

Thanks

GrosBébé
Moderators

Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!"   Sat 5 Dec 2009 - 23:06

Good evening Patdam

Patdam wrote:
Can you fix that?
Er, no, that's not within my remit, but you can contact me on FACV if you like (wink)

arctarus
Bronze Bibou

Male
Number of posts: 2788
Age: 47
Location: sailing about and keeping an eye on you!
Mood: happy
Registration date: 14/05/2008

Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!"   Sat 5 Dec 2009 - 23:56

Hi, I'm taking the liberty of jumping in to say that GBB, you're awesome!

GrosBébé
Moderators

Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!"   Sun 6 Dec 2009 - 13:04

Awesome, I don't know, but it's a shame there was this problem.

GrosBébé
Moderators

Subject: Re: [solved] virus ";) anna I Liebe YOU ==> MILK@3I_!!!"   Sun 6 Dec 2009 - 13:05

Quote:
For info, I did a Windows Vista restore and everything went back to how it was before!
PHEW!
And the "virus" is no longer in my toolbar ... so there you go.

The topic appears to be solved, so I am locking it. If, for one reason or another, you need to reopen it, request it by PM, stating the reason and the link to this topic. This applies only to °sof°. Everyone else, please create your own topic.