ADWARE/Adware.Gen • page 2

Del-crosseur · le 18 Jan 2012 19:39

Bonsoir ,

Comment se comporte le pc maintenant ?

@ +

cristaline · le 21 Jan 2012 14:29

Bonjour,

Depuis mon dernier message, j'ai voulu vérifier avec AVIRA Antivir si les "ADWARE/Adware.gen" avait disparu et
la réponse est négative, les 117 "ADWARE/Adware.gen" de chez Eorezo.A.73, sont toujours là !....et se
sont réinstallés !

AVIRA les a mis en quarantaine,... les anciens, ceux qui sont apparus depuis le 2 décembre, ont repris leur place
et les autres datent d'aujourd'hui .

Je vous envoie l'adresse du lien du rapport : http://w5ft8a.alterupload.com/

Merci pour votre aide

Bonne journée

Cristaline

:cry:

Del-crosseur · le 21 Jan 2012 20:52

Bonsoir

Étrange , le rapport nous montre pas de trace d'Eorezo !!

Peut tu me poster le rapport d'avira ?

On va utiliser un autre scanneur !

Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "rapport minimal " soit cochée.

* Coches les case situées devant "Tous les utilisateurs", " Recherche LOP" et "Recherche Purity".

* Copier et colle le contenue de cette citation dans la partie inférieure d'OTL "personnalisation"

HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl|FEATURE_BROWSER_EMULATION /rs
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager
HKEY_CURRENT_USER\Software\AppDataLow
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers /s
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 /s
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc /s
%temp%\smtmp\1\*.* /s
%temp%\smtmp\2\*.* /s
%temp%\smtmp\4\*.* /s
nslookup http://www.google.fr /c
SAVEMBR:0
NetSvcs
%systemroot%\system32\drivers\*.sys /lockedfiles
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
netsvcs
/md5start
dwm.exe
taskhost.exe
taskeng.exe
wscntfy.exe
ctfmon.exe
rdpclip.exe
volsnap.sys
sptd.sys
explorer.exe
userinit.exe
winlogon.exe
wininit.exe
tcpip.sys
Sfloppy.sys
Changer.sys
cdrom.sys
disk.sys
ndis.sys
usbscan.sys
usbprint.sys
tdtcp.sys
tdpipe.sys
swmidi.sys
splitter.sys
rdpwd.sys
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
RASACD.SYS
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( réduit dans la barre des taches).
* Copie et colle les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL

PS: Hébérge tes rapport ici ->

puis donne moi le lien obtenu !

cristaline · le 23 Jan 2012 11:08

Bonjour,

Apparemment d'après le message d'AVIRA, il a restauré les 117 ADWARE d'Eorezo que j'ai mis en quarantaine !

Comme il m'est impossible d'installer "Cjoint", je t'envoie les 3 rapports ( AVIRA + 2 OTL ) par le lien de "1fichier.com".

Rapport AVIRA
http://et0o1u.dl4free.com/

Rapport OTL
http://tz63bj.dl4free.com/
http://3g5wxi.dl4free.com/

Dois-je supprimer ces liens une fois que tu a lu les rapports ?
Autre question,..... qu'est ce que permet de voir le rapport d' OTL ?

Merci à l'avance pour ton aide

Cristaline

Del-crosseur · le 23 Jan 2012 18:14

Bonjour ,

Pourquoi avoir restauré la quarantaine d'Avira ? :-?

Relance un Scan avec Avira.
Tu supprimeras tous les éléments infecté trouvé par Avira !

Une fois ceci fait , héberge les rapports OTL sur le site proposé dans la procédure et non pas sur 1fichier.com

@ +

cristaline · le 24 Jan 2012 14:38

Bonjour,

A aucun moment je n'ai restauré ce qui était en quarantaine "AVIRA", j'ai simplement fait un scan complet après avoir
fait toutes les manipulations demandées.

Ce que je n'ai pas fait avant toutes les manip. c'est supprimer la quarantaine, .....est ce une explication ?
Après les avoir supprimés comme vous me l'avez demandée puis fait ( par curiosité ) à nouveau un scan avec AVIRA....
ils ne sont pas réapparus !.

Voici le lien du rapport de OTL : http://cjoint.com/?3Ayou6JLQK9.

Merci encore....et désolée d'être si mauvaise en informatique....cependant je ne désespère pas de la comprendre un jour!

Cristaline

Del-crosseur · le 24 Jan 2012 18:22

Hello ,

Plus de trace d'infection importante dans se pc ... :

Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case " Rapport minimal" soit cochée.

Attention , se Script a étais spécialement crée en fonction des infections présente sur se pc , il ne doit être en aucun cas utiliser/reproduit sur un autre ordinateur

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:OTL
FF - prefs.js..browser.startup.homepage: "http://www.yougoo.fr"
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-527237240-1123561945-839522115-1003\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
FF - prefs.js..extensions.enabledItems: toolbar@yougoo.fr:1.04.5
FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.5
FF - prefs.js..extensions.enabledItems: {29c4afe1-db19-4298-8785-fcc94d1d6c1d}:0.6.2009110501
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.7
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:4.0.1.0
[2012/01/20 14:01:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions
[2011/12/16 18:42:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\toolbar@yougoo.fr
[2011/12/16 13:55:17 | 000,003,595 | ---- | M] () -- C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\searchplugins\YouGoo.xml
[2011/12/16 13:55:08 | 000,000,000 | ---D | M] (Toolbar YouGoo) -- C:\Program Files\Mozilla Firefox\extensions\toolbar@yougoo.fr
CHR - default_search_provider: search_url = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2093510
CHR - default_search_provider: suggest_url =
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2010/12/21 17:48:44 | 000,133,684 | R--- | M] () -- C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Microsoft\Installer\{D861E896-1511-4893-A26A-E21F44EC569C}\_366F0F0841AEEA9AD4B6BB.exe
[2010/12/21 17:48:44 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Microsoft\Installer\{D861E896-1511-4893-A26A-E21F44EC569C}\_6FEFF9B68218417F98F549.exe
[2010/12/21 17:48:44 | 000,133,684 | R--- | M] () -- C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Microsoft\Installer\{D861E896-1511-4893-A26A-E21F44EC569C}\_9FE4A91DA2970CFCECA6D1.exe

:Commands
[emptytemp]

* Cliques sur l'icône Correction (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un rapport s'ouvrir "OTL.log"
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

@ ++

cristaline · le 25 Jan 2012 11:52

Bonjour,

Voici le rapport d' OTL ci_joint :
-----------------------------------------------------------------------------------------------------------------------------------------
All processes killed
========== OTL ==========
Prefs.js: "http://www.yougoo.fr" removed from browser.startup.homepage
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-21-527237240-1123561945-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
Prefs.js: toolbar@yougoo.fr:1.04.5 removed from extensions.enabledItems
Prefs.js: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.5 removed from extensions.enabledItems
Prefs.js: {29c4afe1-db19-4298-8785-fcc94d1d6c1d}:0.6.2009110501 removed from extensions.enabledItems
Prefs.js: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.7 removed from extensions.enabledItems
Prefs.js: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:4.0.1.0 removed from extensions.enabledItems
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\defaults\preferences folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\defaults folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\components folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\skin folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\zh-TW folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\zh-HK folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\zh-CN folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\vi folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\uk folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\tr folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\th folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\sw folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\sv folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\sq folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\sl folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\ru folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\ro folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\pt-BR folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\pt folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\pl folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\pa folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\nl folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\nb folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\mt folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\ku folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\ko folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\km folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\ka folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\ja folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\it folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\is folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\id folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\hu folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\hr folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\hi folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\he folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\gu folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\gl folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\fur folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\fr folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\fi folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\fa folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\eu folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\es folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\en folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\el folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\de folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\da folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\cs folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\ca folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\bo folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\bms folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\bg folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\ar folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale\af folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\locale folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome\content folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}\chrome folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)\META-INF(2) folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)\defaults(2)\preferences(2) folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)\defaults(2) folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)\components(2) folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)\chrome(2) folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2) folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults\preferences folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\chrome folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\META-INF folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\lib folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\preferences folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\custombuttons folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\contenthandling folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\components folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\chrome folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d}\platform\Linux\chrome folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d}\platform\Linux folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d}\platform folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d}\modules folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d}\defaults\preferences folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d}\defaults folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d}\chrome folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d} folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults\preferences folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome folder moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources\English.lproj scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources scheduled to be moved on reboot.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\MacOS folder moved successfully.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} scheduled to be moved on reboot.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\toolbar@yougoo.fr folder moved successfully.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions scheduled to be moved on reboot.
Folder C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\toolbar@yougoo.fr\ not found.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\searchplugins\YouGoo.xml moved successfully.
C:\Program Files\Mozilla Firefox\extensions\toolbar@yougoo.fr\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\toolbar@yougoo.fr folder moved successfully.
Unable to fix default_search_provider items.
Unable to fix default_search_provider items.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Microsoft\Installer\{D861E896-1511-4893-A26A-E21F44EC569C}\_366F0F0841AEEA9AD4B6BB.exe moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Microsoft\Installer\{D861E896-1511-4893-A26A-E21F44EC569C}\_6FEFF9B68218417F98F549.exe moved successfully.
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Microsoft\Installer\{D861E896-1511-4893-A26A-E21F44EC569C}\_9FE4A91DA2970CFCECA6D1.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 150578 bytes

User: All Users

User: All Users.WINDOWS

User: bataille
->Temp folder emptied: 54939732 bytes
->Temporary Internet Files folder emptied: 64263518 bytes
->Flash cache emptied: 2060 bytes

User: BATAILLE.UNICORNI-AC7163
->Temp folder emptied: 1306877 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 111841769 bytes
->Google Chrome cache emptied: 6267301 bytes
->Flash cache emptied: 1199 bytes

User: BATAIL~1~UNI

User: bonato
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 134 bytes

User: Brigitte
->Temp folder emptied: 5081539 bytes
->Temporary Internet Files folder emptied: 341896 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41 bytes

User: georgettbro
->Temp folder emptied: 267596 bytes
->Temporary Internet Files folder emptied: 2603805 bytes
->FireFox cache emptied: 12542490 bytes
->Google Chrome cache emptied: 6368750 bytes
->Flash cache emptied: 800 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService.AUTORITE NT
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 2791956 bytes
->FireFox cache emptied: 3754348 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 34704 bytes

User: NetworkService.AUTORITE NT
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 37250 bytes

User: TEMP
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 813884 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 371188311 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 79632676 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 691,00 mb

OTL by OldTimer - Version 3.2.31.0 log created on 01252012_112259

Files\Folders moved on Reboot...
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources\English.lproj scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources\English.lproj scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources\English.lproj scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources\English.lproj scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources\English.lproj scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources\English.lproj scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources\English.lproj scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions scheduled to be moved on reboot.

Registry entries deleted on Reboot...
------------------------------------------------------------------------------------------------------------------------

Merci encore et bonne journée

Del-crosseur · le 25 Jan 2012 18:18

Bonjour ,

C'est supers ! Toujours des détections de virus ?

@ +

cristaline · le 26 Jan 2012 14:23

Bonjour,

J'ai trouvé le résultat super !....moi aussi.....vraiment....et patatrac ....en refaisant un scan, AVIRA a trouvé 5 virus !!
et toujours du même auteur ..Eorezo.

Je ne comprend pas, hier après avoir fait le scan et après t'avoir envoyé le rapport j'ai fermé mon PC et ne l'ai rallumé
qu'aujourd'hui pour aller sur le forum de PC-INFOPRATIQUE puis faire ce nouveau scan.....et trouver ces virus !
.....et à aucun moment je n'ai fait de restauration.... de ces virus cachés..enfin si ils l'étaient !.

Voici le lien de "C Joint" pour les rapports de AVIRA et OTL :
Pour OTL j'ai refais la même manip. que tu m'as expliquée le 21 janvier.

Rapport AVIRA
http://cjoint.com/?3AAoey4arFr

Rapport OTL
http://cjoint.com/?3AAon17ynL8

Merci encore,..... sans ton aide je ne serais quoi faire !

Cristaline

Del-crosseur · le 26 Jan 2012 18:30

Salut ,

Ok je vois !

Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case " Rapport minimal" soit cochée.

Attention , se Script a étais spécialement crée en fonction des infections présente sur se pc , il ne doit être en aucun cas utiliser/reproduit sur un autre ordinateur

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:OTL
[2011/01/24 14:00:28 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Real\Update\setup3.13\setup.exe
[2012/01/25 11:23:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions
[2012/01/25 11:23:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\BATAILLE.UNICORNI-AC7163\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\05A3R375.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\BATAILLE.UNICORNI-AC7163\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\05A3R375.DEFAULT\EXTENSIONS\{29C4AFE1-DB19-4298-8785-FCC94D1D6C1D}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\BATAILLE.UNICORNI-AC7163\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\05A3R375.DEFAULT\EXTENSIONS\{3112CA9C-DE6D-4884-A869-9855DE68056C}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\BATAILLE.UNICORNI-AC7163\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\05A3R375.DEFAULT\EXTENSIONS\{635ABD67-4FE9-1B23-4F01-E679FA7484C1}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\BATAILLE.UNICORNI-AC7163\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\05A3R375.DEFAULT\EXTENSIONS\{E0204BD5-9D31-402B-A99D-A6AA8FFEBDCA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\TOOLBAR@YOUGOO.FR
CHR - default_search_provider: peer2Peer-FR2 Customized Web Search (Enabled)
CHR - default_search_provider: search_url = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2093510
CHR - default_search_provider: suggest_url =
[2009/12/18 14:20:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
C:\Downloads\Software\setup7.exe

:Commands
[emptytemp]
[CLEARALLRESTOREPOINTS]

* Cliques sur l'icône Correction (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un rapport s'ouvrir "OTL.log"
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

=========================================

Une fois le pc redémarré , supprime ZHPDiag via Ajout/Suppression des programmes

Puis :::

Désactive ton Anti-virus le temps de faire ces manipulations.

=================================================================================

Télécharge ComBoFix de sUBs sur ton Bureau et pas ailleurs!

-Double-clic sur combofix.exe, accepte la licence d'utilisation et laisse toi guider.

-Si l'installation de la console de récupération t'es proposée <-- Accepte là.

-Lorsque Combofix travaillera , ne clique pas sur le fenêtre , il pourrait y avoir un Gel du programme...

-Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.

PS : si Combofix ne se lance pas, renomme le fichier Combofix et retente.

Si pas mieux, tente en mode sans échec sans prise en charge du réseau : Redémarre en mode sans échec, pour cela, redémarre l'ordinateur, avant le logo Windows, tapote sur la touche F8, un menu va apparaître, choisis Mode sans échec et appuie sur la touche entrée du clavier.

Tu peut consulter le tuto de ComboFix ici -> http://www.bleepingcomputer.com/combofi ... r-combofix

@ ++

cristaline · le 27 Jan 2012 11:24

Bonjour,

Je ne sais pas ou s'est installé Combofix !, ce que j'ai vu c'est que lorsque j'ai accepté sa licence tout s'est enchainé !.....
Comodo n'aime pas ce logiciel....enfin voilà les 2 rapports ;

Rapport OTL
All processes killed
========== OTL ==========
C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Real\Update\setup3.13\setup.exe moved successfully.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources\English.lproj scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources\English.lproj scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} scheduled to be moved on reboot.
Unable to fix default_search_provider items.
Unable to fix default_search_provider items.
Unable to fix default_search_provider items.
C:\Documents and Settings\All Users.WINDOWS\Application Data\{C4C0E335-EDDF-46A0-A57D-F3802AE44275} folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: All Users.WINDOWS

User: bataille
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: BATAILLE.UNICORNI-AC7163
->Temp folder emptied: 2912629 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 612962 bytes
->Google Chrome cache emptied: 6269235 bytes
->Flash cache emptied: 343 bytes

User: BATAIL~1~UNI

User: bonato
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Brigitte
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: georgettbro
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService.AUTORITE NT
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService.AUTORITE NT
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: TEMP
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 9,00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.31.0 log created on 01272012_102447

Files\Folders moved on Reboot...
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources\English.lproj scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources\English.lproj scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources\English.lproj scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources\English.lproj scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources\English.lproj scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources\English.lproj scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources\English.lproj scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\extensions scheduled to be moved on reboot.

Registry entries deleted on Reboot...
---------------------------------------------------------------------------------------------------------------------------------------------
Rapport COMBOFIX
ComboFix 12-01-21.02 - BATAILLE 27/01/2012 10:49:51.1.1 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1535.994 [GMT 1:00]
Lancé depuis: c:\documents and settings\BATAILLE.UNICORNI-AC7163\Mes documents\Downloads\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
* Un nouveau point de restauration a été créé
.
/wow section - STAGE 32A
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\bonato\WINDOWS
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-12-27 au 2012-01-27 ))))))))))))))))))))))))))))))))))))
.
.
2012-01-26 12:23 . 2012-01-26 12:23 -------- d-----r- c:\documents and settings\LocalService.AUTORITE NT\Mes documents
2012-01-25 10:22 . 2012-01-25 10:22 -------- d-----w- C:\_OTL
2012-01-23 09:22 . 2012-01-26 13:04 512 ----a-w- C:\PhysicalMBR.bin
2012-01-20 12:56 . 2012-01-20 12:56 -------- d-----w- c:\program files\Garmin GPS Plugin
2012-01-14 13:34 . 2012-01-14 13:34 -------- d-----w- c:\program files\Ad-Remover
2012-01-11 13:23 . 2012-01-11 13:23 -------- d-----w- c:\documents and settings\BATAILLE.UNICORNI-AC7163\Local Settings\Application Data\Comodo
2012-01-11 12:39 . 2012-01-21 13:11 -------- d-----w- C:\ZHP
2012-01-11 12:39 . 2012-01-27 09:35 -------- d-----w- c:\program files\ZHPDiag
2012-01-10 13:56 . 2012-01-10 13:56 -------- d-----w- c:\documents and settings\BATAILLE.UNICORNI-AC7163\Application Data\Malwarebytes
2012-01-10 13:56 . 2012-01-10 13:56 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2012-01-10 13:55 . 2012-01-14 12:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-09 10:53 . 2012-01-10 13:02 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Comodo
2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-19 18:58 . 2011-12-20 14:02 33984 ----a-w- c:\windows\system32\cmdcsr.dll
2011-12-19 17:59 . 2011-12-19 17:59 97760 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-12-19 17:59 . 2011-12-19 17:59 494816 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-12-19 17:59 . 2011-12-19 17:59 31704 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-12-19 17:59 . 2011-12-19 17:59 18056 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-12-19 17:58 . 2011-12-19 17:58 301224 ----a-w- c:\windows\system32\guard32.dll
2011-12-16 16:08 . 2011-09-13 15:54 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-25 21:57 . 2004-08-03 22:54 293888 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 14:40 . 2004-08-03 22:45 1859712 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 06:12 . 2004-08-03 22:55 61952 ----a-w- c:\windows\system32\packager.exe
2011-11-03 15:28 . 2004-08-03 22:54 387072 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:28 . 2004-08-03 22:54 1298432 ------w- c:\windows\system32\quartz.dll
2011-11-01 20:35 . 2004-08-03 22:54 671232 ----a-w- c:\windows\system32\wininet.dll
2011-11-01 20:35 . 2004-08-03 20:59 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-11-01 20:35 . 2004-08-03 22:54 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-11-01 20:34 . 2004-08-03 22:41 371200 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2004-08-03 22:54 1288192 ----a-w- c:\windows\system32\ole32.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
2009-10-15 08:53 165184 ----a-w- c:\program files\SFR\Kit\SFRNavErrorHelper.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2011-02-23 2251064]
"Connexion SFR 9props.exe"="c:\program files\SFR\Kit\9props.exe" [2009-10-15 959808]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]
"gStart"="c:\garmin\gStart.exe" [2008-08-13 1891416]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-22 39408]
"Neuf Media Center"="c:\program files\SFR\Media Center\MediaCenter.exe" [2010-04-29 742720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"DiscWizardMonitor.exe"="c:\program files\Seagate\DiscWizard\DiscWizardMonitor.exe" [2009-11-02 1349392]
"AcronisTimounterMonitor"="c:\program files\Seagate\DiscWizard\TimounterMonitor.exe" [2009-11-02 905208]
"Seagate Scheduler2 Service"="c:\program files\Fichiers communs\Seagate\Schedule2\schedhlp.exe" [2009-11-02 136544]
"MaxMenuMgr"="c:\program files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-09-25 185640]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-08-17 281768]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-10-31 273528]
"COMODO"="c:\program files\COMODO\COMODO GeekBuddy\CLPSLA.exe" [2011-11-23 208184]
"CPA"="c:\program files\COMODO\COMODO GeekBuddy\VALA.exe" [2011-11-23 182584]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-12-20 6676808]
.
c:\documents and settings\BATAILLE.UNICORNI-AC7163\Menu Démarrer\Programmes\Démarrage\
OneNote 2007 - Capture d'écran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
Outil de détection de support PMB.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2009-9-5 333088]
.
c:\documents and settings\BATAILLE.UNICORNI-AC7163\Menu Démarrer\Programmes\Démarrage\
OneNote 2007 - Capture d'écran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
Outil de détection de support PMB.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2009-9-5 333088]
.
c:\documents and settings\BATAILLE.UNICORNI-AC7163\Menu Démarrer\Programmes\Démarrage\
OneNote 2007 - Capture d'écran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
Outil de détection de support PMB.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2009-9-5 333088]
.
c:\documents and settings\BATAILLE.UNICORNI-AC7163\Menu Démarrer\Programmes\Démarrage\
OneNote 2007 - Capture d'écran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
Outil de détection de support PMB.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2009-9-5 333088]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Kodak software updater.lnk]
path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Kodak software updater.lnk
backup=c:\windows\pss\Kodak software updater.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Logiciel Kodak EasyShare.lnk]
backup=c:\windows\pss\Logiciel Kodak EasyShare.lnkCommon Startup
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\program files\SFR\Media Center\httpd\httpd.exe"= c:\program files\SFR\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.0/255.255.255.0:Enabled:Serveur de partage Media Center (Player SFR)
.
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [19/12/2011 18:59 494816]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [19/12/2011 18:59 31704]
R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [21/03/2011 14:01 340136]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [04/03/2011 16:47 136360]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [21/03/2011 14:01 428200]
R2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO GeekBuddy\CLPSLS.exe [23/11/2011 11:27 1052472]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [25/09/2009 23:32 189736]
R2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files\Fichiers communs\Seagate\Schedule2\schedul2.exe [02/11/2009 17:52 431456]
R3 BeWGU(BeWAN systems);Adaptateur WiFi(BeWAN systems);c:\windows\system32\drivers\BeWGU.sys [08/08/2008 18:31 489472]
S2 gupdate1c986eb67628f1e;Google Update Service (gupdate1c986eb67628f1e);c:\program files\Google\Update\GoogleUpdate.exe [04/02/2009 18:09 133104]
S3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [04/02/2009 18:09 133104]
S3 TV_551805_Sp50;TV_551805_Sp50 NDIS Protocol Driver;c:\windows\system32\drivers\TV_551805_Sp50.sys [08/08/2008 18:34 27072]
.
Contenu du dossier 'Tâches planifiées'
.
2012-01-27 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-07-15 19:55]
.
2012-01-26 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-06 12:53]
.
2012-01-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 17:09]
.
2012-01-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 17:09]
.
2012-01-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-527237240-1123561945-839522115-1003Core.job
- c:\documents and settings\BATAILLE.UNICORNI-AC7163\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-09-27 17:08]
.
2012-01-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-527237240-1123561945-839522115-1003UA.job
- c:\documents and settings\BATAILLE.UNICORNI-AC7163\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-09-27 17:08]
.
2012-01-27 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-18.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 12:40]
.
2012-01-27 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-527237240-1123561945-839522115-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 12:40]
.
2012-01-27 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-527237240-1123561945-839522115-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 12:40]
.
2012-01-26 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-18.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 12:40]
.
2012-01-20 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-527237240-1123561945-839522115-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 12:40]
.
2012-01-13 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-527237240-1123561945-839522115-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 12:40]
.
2012-01-27 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-05-28 20:18]
.
.
------- Examen supplémentaire -------
.
uInternet Connection Wizard,ShellNext = hxxp://www.sfr.fr/kit/adsl/
uInternet Settings,ProxyOverride = local;*.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Tout télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: Télécharger la sélection avec Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Télécharger la vidéo avec Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{573B127D-E1F0-4381-9389-7834EC0EF0A5}: NameServer = 8.26.56.26,156.154.70.22
FF - ProfilePath - c:\documents and settings\BATAILLE.UNICORNI-AC7163\Application Data\Mozilla\Firefox\Profiles\05a3r375.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: browser.startup.homepage -
.
- - - - ORPHELINS SUPPRIMES - - - -
.
AddRemove-{18EF615A-5AAD-4944-B24E-6CD7863FC735} - c:\program files\InstallShield Installation Information\{18EF615A-5AAD-4944-B24E-6CD7863FC735}\setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-27 10:59
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'lsass.exe'(1004)
c:\windows\system32\guard32.dll
c:\windows\system32\relog_ap.dll
c:\program files\Avira\AntiVir Desktop\avsda.dll
.
- - - - - - - > 'explorer.exe'(2472)
c:\windows\system32\guard32.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
- - - - - - - > 'csrss.exe'(920)
c:\windows\system32\cmdcsr.dll
.
Heure de fin: 2012-01-27 11:03:21
ComboFix-quarantined-files.txt 2012-01-27 10:03
.
Avant-CF: 123 610 820 608 octets libres
Après-CF: 123 564 314 624 octets libres
.
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
[spybotsd]
timeout.old=30
.
- - End Of File - - 316285D763C3F815E0C610DADC7F318D

Merci pour ta précieuse réponse

Cristaline :roll:

Del-crosseur · le 27 Jan 2012 16:03

Salut ,

Recommence avec ComboFix mais cette fois-si , Met le sur le bureau !!
Quitte toutes les applications en cours puis n'oublie pas de Désactier toutes protections active !

@ +

cristaline · le 31 Jan 2012 16:56

Salut,

Bon cette fois Combofix est bien sur le bureau et voici l'adresse du lien "C joint" du rapport mais je voulais te demander
avant, comment il se fait que j'ai beaucoup de mal à aller sur Internet, j'ai même dû au bout de ~10mn débrancher électriquement le PC, ....car tout était bloqué !

.....et pour sortir, c'est à peu de chose près le même problème.....il s'est bloqué !

Adresse du rapport : http://cjoint.com/?3AFqURNLUCh

Merci à nouveau pour ton aide....toujours très précieuse !

Bonne fin de journée

Cristaline

Del-crosseur · le 31 Jan 2012 18:44

Salut

Ta plus de problème avec le Rogue Eorezo ?

@ ++

ADWARE/Adware.Gen • page 2

Re: ADWARE/Adware.Gen

Re: ADWARE/Adware.Gen

Re: ADWARE/Adware.Gen

Re: ADWARE/Adware.Gen

Re: ADWARE/Adware.Gen

Re: ADWARE/Adware.Gen

Re: ADWARE/Adware.Gen

Re: ADWARE/Adware.Gen

Re: ADWARE/Adware.Gen

Re: ADWARE/Adware.Gen

Re: ADWARE/Adware.Gen

Re: ADWARE/Adware.Gen

Re: ADWARE/Adware.Gen

Re: ADWARE/Adware.Gen

Re: ADWARE/Adware.Gen

Sujets similaires

Qui est en ligne