hidden rootkitFermé

Question

Bonjour,

j'ai depuis quelque temps des problemes du a des root kit ou hidden pouvez vous m'aider a les suprimer
je l'ai constate en lancant rootkitrevelaer dont ci apres detail
HKLM/software/ microsoft/crytography/RNG/seed (data mismatch between windows API and raw hive data
puis 8 autres decrit ci apres
c/system volume information catalog wci  tous commencant de la meme facon avec001, dr, cifl fffl,wci/cifl fffe 001 commentaire hidden from windows API ou visible sur windows API but not in MFT or director index .
j'ai etali un rapport navilog en fonction1 que je vous en fin de message
mon ecran se met en marche tres lentement ainsi que mon navigateur
xp sp3, neuf box, spy bot, avira, cclean, redcleaner, easy cleaner
je vous remercie de votre aide
junon16
@rem Fix Navipromo 
@rem pour Windows 2000/XP/Vista exclusivement
@rem for Windows 2000/XP/Vista only
@rem Copyright IL-MAFIOSO
@rem Process.exe par Craig.Peacock added https://www.beyondlogic.org/
@rem Reboot.exe par Shadowar/Option^Explicit added
@rem Gnc.exe par IL-MAFIOSO - Credits : "Malware Analysis & Diagnostic"
@rem Catchme.exe par gmer added http://www.gmer.net
@rem Getpaths.exe par A.Rothstein

@echo off
TITLE Navilog1 by IL-MAFIOSO
COLOR 1F
@set chemin=%PROGRAMFILES%
avilog1

cd "%chemin%\Backupnavi" 2>NUL
if %errorlevel%==0 cd\
if %errorlevel%==1 md "%chemin%\Backupnavi"
cd "%chemin%\Safebackup" 2>NUL
if %errorlevel%==0 cd\
if %errorlevel%==1 md "%chemin%\Safebackup"
cd "%chemin%\Report" 2>NUL
if %errorlevel%==0 cd\
if %errorlevel%==1 md "%chemin%\Report"

@set genproc=0
@if exist "%systemdrive%\gennavi.txt" (
@set /a genproc=%genproc%+1
)

@set manutxt=0
@if exist "%chemin%\Navscript.txt" (
@set /a manutxt=%manutxt%+1
)

if %genproc%==1 (
set manutxt=0
@if exist "%chemin%\Navscript.txt" del /q "%chemin%\Navscript.txt"
)

%systemdrive%
cd\

@if exist "%chemin%\suppauto.txt" @goto scanreboot
@if exist "%chemin%\pasblbeta.txt" @goto scanreboot
@if exist "%chemin%\suppmanu.txt" @goto scanreboot

:choixlangue
echo          ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»
echo          º           Selectionnez votre langue               º
echo          º              Select your language                 º
echo          º                                                   º
echo          º           Tapez F ou f pour Francais  f
            º
echo          º                                                   º
echo          º           Tapez E ou e pour Anglais               º
echo          º                                                   º
echo          º           Tapez Q ou q pour Quitter               º
echo          º                                                   º
echo          º           Type F or f for French                  º
echo          º                                                   º
echo          º           Type E or e for English                 º
echo          º                                                   º 
echo          º           Q or q - Quitter (Exit)                 º
echo          º                                                   º
echo          ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼
@echo.
set /p choixlang=Votre choix puis validez/Your choice and then press enter (E,e,F,f,Q,q) : F

@if %choixlang%==e goto vareng
@if %choixlang%==E goto vareng
@if %choixlang%==F goto varfr
@if %choixlang%==f goto varfr
@if %choixlang%==Q goto exit
@if %choixlang%==q goto exit
@echo %choixlang% Erreur saisie !/Error on Choice ! 
@cls
@goto choixlangue

:scanreboot

@if exist "%chemin%\French.txt" @goto varfr
@if exist "%chemin%\English.txt" @goto vareng

:varfr
@set valeur=reg query "HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer" /v Version
@set version=findstr /I /L /C:"REG_SZ"
@set mmos=0
@set xpos=0
@set dsulsap=0
@set vistaos=0
@set vista1=0
@set vista2=0
@set vista3=0
@set vista4=0
@set strouv=trouvé !
@set tentsup=...suppression...
@set supdos=Suppression
@set ssupp=supprimé !
@set errsup=!!ERREUR SUPPRESSION!!
@set absent=absent !
@set patient=Veuillez patienter
@set rechter=Recherche terminee
@set rechin=Recherche dans
@set reche=Recherche
@set dossier=dossiers
@set fichier=fichiers
@set dans=dans
@set cop=Copie
@set dupli=réalisée avec succès !
@set sver=version 3.6.7
@set smiseajour=22.10.2008 à 20h00
@set modnormal=executé en mode normal
@set modechec=executé en mode sans échec
@set langue=fra
@set rapp=Rapport réalisé le
@set echec=Echec
@set dossback=vers dossier Backupnavi
@set non=non
@goto controlversion

:vareng
@set valeur=reg query "HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer" /v Version
@set version=findstr /I /L /C:"REG_SZ"
@set mmos=0
@set xpos=0
@set vistaos=0
@set vista1=0
@set vista2=0
@set vista3=0
@set vista4=0
@set strouv=found !
@set tentsup=...deleting...
@set supdos=Deleting
@set ssupp=deleted !
@set errsup=!!DELETING FAILED!!
@set absent=not found !
@set patient=Please wait
@set rechter=Search finished
@set rechin=Search in
@set reche=Search
@set dossier=folders
@set fichier=files
@set dans=in
@set cop=Copy
@set dupli=done !
@set sver=version 3.6.7
@set smiseajour=22.10.2008 at 20h00
@set modnormal=done in normal mode
@set modechec=done in safe mode
@set langue=eng
@set rapp=Scan completed
@set echec=Fail
@set dossback=to Backupnavi folder
@set non=no
@goto controlversion

:controlversion
@ver |find "Windows XP" >nul: 
@if %errorlevel%==1 goto controlversion2
@if %errorlevel%==0 (
@set /a xpos=%xpos%+1
@goto debut
)

:controlversion2
@set OSVersionSwap=%systemroot%	emp\osversionwap.txt
@set OsVersionTxt=%systemroot%	emp\osversion.txt
@ver | findstr "[" > %OSVersionSwap%
@for /f "tokens=2 delims=[" %%i in (%OSVersionSwap%) do echo %%i > %OsVersionTxt%
@for /f "tokens=2 delims=] " %%i in (%OsVersionTxt%) do set osversion=%%i
@if "%osversion%" LSS "6.0" goto controlversion3
@if not "%osversion%" LSS "6.0" (
@set /a vistaos=%vistaos%+1
@CD "%LOCALAPPDATA%\Microsoft" 2>NUL
@IF NOT ERRORLEVEL 1 set /a vista1=%vista1%+1
cd\
@CD "%LOCALAPPDATA%\virtualstore\windows\system32" 2>NUL
@IF NOT ERRORLEVEL 1 set /a vista2=%vista2%+1
cd\
@CD "%LOCALAPPDATA%\virtualstore\Program Files" 2>NUL
@IF NOT ERRORLEVEL 1 set /a vista3=%vista3%+1
cd\
@CD "%LOCALAPPDATA%" 2>NUL
@IF NOT ERRORLEVEL 1 set /a vista4=%vista4%+1
cd\
@goto debut
)

:controlversion3
@ver |find "Windows 2000" >nul: 
@if %errorlevel%==1 goto controlversion4
@if %errorlevel%==0 (
@set /a mmos=%mmos%+1
goto debut
)

:controlversion4
@ver |find "Windows Trust" >nul: 
@if %errorlevel%==1 goto mauvver
@if %errorlevel%==0 (
@set /a xpos=%xpos%+1
@goto debut
)

:mauvver
@cls
@echo.
@if %langue%==fra @echo Cet outil ne fonctionne que sous Windows 2000 / XP ou Vista
@if %langue%==eng @echo This fix runs only with Windows 2000 / XP or Vista 
@echo.
@if %langue%==fra @echo Desinstallez Navilog1 via ajout supp des programmes
@if %langue%==eng @echo Uninstall Navilog1 via add remove programs panel
@echo.
@if %langue%==fra @echo L'outil va être interrompu
@if %langue%==eng @echo Fix will be stopped
@echo.
@pause
@exit

:debut
@cls
@echo %patient%

@if not exist "%chemin%\GetPaths.exe" goto decompression

@if exist "%systemdrive%\GetPaths.bat" del /q "%systemdrive%\GetPaths.bat"
@call "%chemin%\GetPaths.exe"
@call "%systemdrive%\GetPaths.bat"
@if exist "%systemdrive%\GetPaths.bat" del /q "%systemdrive%\GetPaths.bat"

for /f "tokens=1-5 delims=\" %%A in ("%dsculsad2%" ) do (set DOCSET=%%B& set LS=%%D& set APD=%%E& set LSAD=%%D\%%E)

@if exist tempnav.txt del /q tempnav.txt
@echo %startprg2%>tempnav.txt
@for /f "tokens=4 delims=\" %%a in ('@type "tempnav.txt"') do (
@set "MENDM=%%a"
)
@for /f "tokens=5 delims=\" %%a in ('@type "tempnav.txt"') do (
@set PRGS=%%a
)
@set "MENDPRG=%MENDM%\%PRGS%"
@if exist tempnav.txt del /q tempnav.txt

@if %vistaos%==1 (
for /f "tokens=1-5 delims=\" %%A in ("%LocalAppData%" ) do (set VISTAUSE=%%B& set VISTAA=%%D& set VISTAB=%%E& set VISTALOC=%%D\%%E)
)

if %vistaos%==1 (
for /f "tokens=1-9 delims=\" %%A in ("%startprg2%" ) do (set VISDEMPRG=%%D\%%E\%%F\%%G\%%H\%%I& set ROAMVISTA=%%D\%%E)
)

if exist "%chemin%esvar.txt" del /q "%chemin%esvar.txt"

if %vistaos%==1 (
echo %VISTAUSE%>>"%chemin%esvar.txt"
echo %VISTAA%>>"%chemin%esvar.txt"
echo %VISTAB%>>"%chemin%esvar.txt"
)
if %vistaos%==0 (
echo %DOCSET%>>"%chemin%esvar.txt"
echo %LS%>>"%chemin%esvar.txt"
echo %APD%>>"%chemin%esvar.txt"
)
if exist "%chemin%esvar.txt" (
FINDSTR /c:"ECHO" "%chemin%esvar.txt"
if not errorlevel 1 goto mauvpat
)
if exist "%chemin%esvar.txt" del /q "%chemin%esvar.txt"

@if %mmos%==0 (
@if exist tmp.txt del tmp.txt
@if exist tmp2.txt del tmp2.txt
@if exist tmp3.txt del tmp3.txt
@chkntfs %systemdrive% | find /V "%systemdrive%">tmp.txt
@type tmp.txt | find /i "NTFS">tmp2.txt
@for /f "tokens=* delims=" %%a in (tmp2.txt) do echo %%a>tmp3.txt
@if exist tmp3.txt set Typdisk=NTFS
@if exist tmp3.txt del tmp3.txt
@type tmp.txt | find /i "FAT32">tmp2.txt
@for /f "tokens=* delims=" %%a in (tmp2.txt) do echo %%a>tmp3.txt
@if exist tmp3.txt set Typdisk=FAT32
@if exist tmp.txt del tmp.txt
@if exist tmp2.txt del tmp2.txt
@if exist tmp3.txt del tmp3.txt
)

goto lancement

:lancement

if exist "%chemin%\Folders1.txt" del /q "%chemin%\Folders1.txt"
if exist "%chemin%\Folders2.txt" del /q "%chemin%\Folders2.txt"

@if exist "%chemin%\suppauto.txt" @goto startclean
@if exist "%chemin%\pasblbeta.txt" @goto startclean
@if exist "%chemin%\suppmanu.txt" @goto startclean

@echo off
@cls
@if %langue%==fra (
@echo !!! Avertissement !!!
@echo.
@echo Cet outil a ete concu pour traiter un certain type d'infection bien precis
@echo.
@echo Ne l'utilisez que lorsqu'une personne competente vous l'aura demande
@echo et suivez scrupuleusement ses instructions.
@echo.
@echo Tout usage par votre propre initiative ou modification du batch
@echo engagera votre entiere responsabilite.
@echo.
@pause
@cls
@echo.
@echo Cet outil a ete teste plusieurs fois sur un PC volontairement infecte.
@echo Aucune defaillance n'a ete constatee apres utilisation de cet outil sur le PC
@echo Toute infection, quelle qu'elle soit, une fois installee peut causer des dommages sur votre ordinateur.
@echo La desinfection, quelle qu'elle soit, peut dans certains cas entrainer des anomalies de fonctionnement.
@echo Nous ne pourrions etre tenus comme responsables de toute defaillance ulterieure apres application de cet outil.
@echo.
@echo Remerciements a Metallica, gmer, S!ri, Bobby Flekman
@echo Remerciements a Malware analysis and Diagnostic
@echo Remerciements a A.Rothstein, bobette marlow, Eric_71 et synthexe
@echo.
@pause
@goto decompression
)
if %langue%==eng (
@echo                   !!! Warning !!!
@echo.
@echo   This fix was developed to detect and remove a specific adware.
@echo.
@echo Do not use this program unless instructed by an authorized
@echo helper, and follow the instructions as given by the Helper.
@echo.
@echo               Use it at your own risk.
@echo.
@pause
@cls
@echo.
@echo This fix has been tested on several computers infected with this 
@echo adware. No problems had been detected after the use of the fix.
@echo.
@echo Viral infections can cause damage on your computer
@echo Cleaning the malware, however, can sometimes cause issues in 
@echo your computer. We cannot be responsible for these issues.
@echo.
@echo Thanks to Metallica, gmer, S!ri, Bobby Flekman
@echo Thanks to Malware analysis and Diagnostic
@echo Thanks to A.Rothstein, bobette marlow and synthexe
@echo.
@pause
@goto decompression
)

:decompression
@cls
@if %langue%==fra @echo Verification installation/emplacement fichiers navilog1
@if %langue%==eng @echo Checking if the installation of navilog1 was done correctly.
@echo.
@echo %patient%
REM @if not exist "%chemin%\process.exe" (
REM @if %langue%==fra @echo Fichier process.exe %absent%
REM @if %langue%==eng @echo File process.exe %absent%
REM @if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
REM @if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
REM @echo.
REM @if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
REM @if %langue%==eng @echo If persisting trouble, report this problem to the Helper
REM @echo.
REM @pause
REM @goto exit
REM )
@if not exist "%chemin%\catchme.exe" (
@if %langue%==fra @echo Fichier catchme.exe %absent%
@if %langue%==eng @echo File catchme.exe %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Navreb.bat" (
@if %langue%==fra @echo Fichier Navreb.bat %absent%
@if %langue%==eng @echo File Navreb.bat %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%egnavi.reg" (
@if %langue%==fra @echo Fichier regnavi.reg %absent%
@if %langue%==eng @echo File regnavi.reg %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Filess.bat" (
@if %langue%==fra @echo Fichier Filess.bat %absent%
@if %langue%==eng @echo File Filess.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Folders.bat" (
@if %langue%==fra @echo Fichier Folders.bat %absent%
@if %langue%==eng @echo File Folders.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Folderss.bat" (
@if %langue%==fra @echo Fichier Folderss.bat %absent%
@if %langue%==eng @echo File Folderss.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Gnc2.bat" (
@if %langue%==fra @echo Fichier Gnc2.bat %absent%
@if %langue%==eng @echo File Gnc2.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Gnc2su.bat" (
@if %langue%==fra @echo Fichier Gnc2su.bat %absent%
@if %langue%==eng @echo File Gnc2su.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Gncs.bat" (
@if %langue%==fra @echo Fichier Gncs.bat %absent%
@if %langue%==eng @echo File Gncs.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Gncssfil.bat" (
@if %langue%==fra @echo Fichier Gncssfil.bat %absent%
@if %langue%==eng @echo File Gncssfil.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Heurs.bat" (
@if %langue%==fra @echo Fichier Heurs.bat %absent%
@if %langue%==eng @echo File Heurs.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Orphus.bat" (
@if %langue%==fra @echo Fichier Orphus.bat %absent%
@if %langue%==eng @echo File Orphus.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Heurss.bat" (
@if %langue%==fra @echo Fichier Heurss.bat %absent%
@if %langue%==eng @echo File Heurss.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Wlist.bat" (
@if %langue%==fra @echo Fichier Wlist.bat %absent%
@if %langue%==eng @echo File Wlist.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%	raite.bat" (
@if %langue%==fra @echo Fichier traite.bat %absent%
@if %langue%==eng @echo File traite.bat %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%	raite2.bat" (
@if %langue%==fra @echo Fichier traite2.bat %absent%
@if %langue%==eng @echo File traite2.bat %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%	raite3.bat" (
@if %langue%==fra @echo Fichier traite3.bat %absent%
@if %langue%==eng @echo File traite3.bat %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%
avilog1.bat" (
@if %langue%==fra @echo Fichier navilog1.bat %absent%
@if %langue%==eng @echo File navilog1.bat %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\gnc.exe" (
@if %langue%==fra @echo Fichier gnc.exe %absent%
@if %langue%==eng @echo File gnc.exe %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\GetPaths.exe" (
@if %langue%==fra @echo Fichier GetPaths.exe %absent%
@if %langue%==eng @echo File GetPaths.exe %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%eg.exe" (
@if %langue%==fra @echo Fichier reg.exe %absent%
@if %langue%==eng @echo File reg.exe %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\oem2ansi.exe" (
@if %langue%==fra @echo Fichier oem2ansi.exe %absent%
@if %langue%==eng @echo File oem2ansi.exe %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
REM @if %mmos%==1 (
REM @if not exist "%chemin%eboot.exe" (
REM @if %langue%==fra @echo Fichier reboot.exe %absent%
REM @if %langue%==eng @echo File reboot.exe %absent%
REM @if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
REM @if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
REM @echo.
REM @if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
REM @if %langue%==eng @echo If persisting trouble, report this problem to the Helper
REM @echo.
REM @pause
REM @goto exit
REM )
REM )
@echo.
@if %langue%==fra @echo Vous avez correctement installe navilog1 !
@if %langue%==eng @echo You've correctly installed navilog1 !
@echo.
@pause
@goto menu

:menu
@echo off
@if exist "%SystemDrive%\unpffc0?.txt" @del /q "%SystemDrive%\unpffc0?.txt"
@if exist "%chemin%egnavi1.reg" @del /q "%chemin%egnavi1.reg"

@cls

@if %manutxt%==1 goto nett0

@if %langue%==fra goto menufr
@if %langue%==eng goto menuen

:menufr
echo.
echo ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»
echo º             Fix Navipromo %sver%           º
echo º             (Uniquement 2000 / XP et Vista)       º
echo º                                                   º
echo º 1 - Recherche      1
                               º
echo º                                                   º
echo º 2 - Desinfection automatique                      º
echo º                                                   º
echo º 3 - Desinfection automatique                      º
echo º     sans prise en charge resultats Catchme/GNS    º
echo º                                                   º
echo º 4 - Desinfection manuelle par saisie nom adware   º
echo º                                                   º 
echo º Q - Quitter                                       º
echo º                                                   º
echo ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼
echo.
set /p choix=Votre choix 1,2,3,4,Q puis validez : 1

@if %choix%==1 goto list1
@if %choix%==2 goto nett0
@if %choix%==3 goto nett0
@if %choix%==4 goto nett0
@if %choix%==Q goto :eof
@if %choix%==q goto :eof
@echo %choix% Erreur saisie dans le choix ! 
@goto menu

:menuen

echo.
echo ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»
echo º             Fix Navipromo %sver%           º
echo º             (Only for Windows 2000 / XP or Vista) º
echo º                                                   º
echo º 1 - Search                                        º
echo º                                                   º
echo º 2 - Automatic cleaning                            º
echo º                                                   º
echo º 3 - Automatic cleaning                            º
echo º     without results from Catchme/GNS scan         º
echo º                                                   º
echo º 4 - Manual removal by typing the adware name      º
echo º                                                   º 
echo º Q - Exit                                          º
echo º                                                   º
echo ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼
echo.
set /p choix=Type your choice 1,2,3,4,Q and then press enter: 
@if %choix%==1 goto list1
@if %choix%==2 goto nett0
@if %choix%==3 goto nett0
@if %choix%==4 goto nett0
@if %choix%==Q goto :eof
@if %choix%==q goto :eof
@echo %choix% Error on choice ! 
@goto menu

:list1

@cls
@if exist "%chemin%\pbright.txt" @del /q "%chemin%\pbright.txt"
@if exist "%chemin%\suppauto.txt" @del /q "%chemin%\suppauto.txt"
@if exist "%chemin%\pasblbeta.txt" @del /q "%chemin%\pasblbeta.txt"
@if exist "%chemin%\suppmanu.txt" @del /q "%chemin%\suppmanu.txt"
@if exist "%chemin%\adwaremanu.txt" del /q "%chemin%\adwaremanu.txt"
@if exist "%chemin%\French.txt" @del /q "%chemin%\French.txt"
@if exist "%chemin%\English.txt" @del /q "%chemin%\English.txt"
@if exist "%chemin%\gnc1t.txt" del /q "%chemin%\gnc1t.txt"
@if exist "%chemin%\gncsuspt.txt" del /q "%chemin%\gncsuspt.txt"
@if exist "%chemin%echerok.txt" del /q "%chemin%echerok.txt"
@if exist "%chemin%egnavi1.reg" del /q "%chemin%egnavi1.reg"

if exist "%SystemDrive%\fixnavi.txt" del /q "%SystemDrive%\fixnavi.txt"

cd "%chemin%\Report" 2>NUL
if %errorlevel%==0 cd\
if %errorlevel%==1 md "%chemin%\Report"

@if %mmos%==1 (
@if not exist "%windir%\system32eg.exe" @copy "%chemin%eg.exe" "%windir%\system32" >NUL
)

@echo off
@echo.
@if %langue%==fra @echo Creation de la liste des programmes installes
@if %langue%==eng @echo Creating  a list of installed Software
@echo.
@echo %patient%
@echo.

(
@for /f "tokens=7 delims=\" %%a in ('@reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"') do (
@reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\%%a" /v DisplayName 2>NUL>>%SystemDrive%\unpffc01.txt)
@for /f "tokens=3* delims=	" %%a in (%SystemDrive%\unpffc01.txt) do (
@echo %%a>>%SystemDrive%\unpffc02.txt)
@sort "%SystemDrive%\unpffc02.txt">"%SystemDrive%\unpffc03.txt"
if exist "%SystemDrive%\unpffc02.txt" del /q "%SystemDrive%\unpffc02.txt"
if exist "%SystemDrive%\unpffc01.txt" del /q "%SystemDrive%\unpffc01.txt"
)

@echo off
:list2
@if %langue%==fra (
@echo Search Navipromo %sver% commencé le %date% à %time%>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!>>%SystemDrive%\fixnavi.txt
@echo !!! Postez ce rapport sur le forum pour le faire analyser !!!>>%SystemDrive%\fixnavi.txt
@echo !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo Outil exécuté depuis %chemin%>>%SystemDrive%\fixnavi.txt
@echo Session actuelle : "%username%" | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo Mise à jour le %smiseajour% par IL-MAFIOSO>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@if not %vistaos%==1 (
@ver>>%SystemDrive%\fixnavi.txt
)
@if %vistaos%==1 (
@echo Microsoft Windows Vista %osversion% >>%SystemDrive%\fixnavi.txt
)
@for /f "tokens=1,2,3" %%a in ('%valeur%^|%version%') do @echo Internet Explorer : %%c >>%SystemDrive%\fixnavi.txt
@if %mmos%==0 (
@echo Système de fichiers : %Typdisk%>>%SystemDrive%\fixnavi.txt
)
@echo.>>%SystemDrive%\fixnavi.txt
@if not defined safeboot_option @echo Recherche %modnormal%>>%SystemDrive%\fixnavi.txt
@if defined safeboot_option @echo Recherche %modechec%>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo Search Navipromo %sver% commence le %date% a %time%
@echo. 
@echo !!! Attention,ce rapport peut indiquer des fichiers/programmes legitimes !!!
@echo !!! Postez ce rapport sur le forum pour le faire analyser !!!
@echo !!! Ne lancez pas la partie desinfection sans l'avis d'un specialiste !!!
@echo.
@echo.
if %mmos%==0 (
@echo *** Recherche Programmes installés ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
)
)

@if %langue%==eng (
@echo Search Navipromo %sver% began on %date% at %time%>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo !!! Warning, this report may include legitimate files/programs !!!>>%SystemDrive%\fixnavi.txt
@echo !!! Post this report on the forum you are being helped !!!>>%SystemDrive%\fixnavi.txt
@echo !!! Don't continue with removal unless instructed by an authorized helper !!!>>%SystemDrive%\fixnavi.txt
@echo.
@echo Fix running from %chemin%>>%SystemDrive%\fixnavi.txt
@echo Actual User Account : "%username%" | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo Updated on %smiseajour% by IL-MAFIOSO>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@if not %vistaos%==1 (
@ver>>%SystemDrive%\fixnavi.txt
)
@if %vistaos%==1 (
@echo Microsoft Windows Vista %osversion% >>%SystemDrive%\fixnavi.txt
)
@for /f "tokens=1,2,3" %%a in ('%valeur%^|%version%') do @echo Version Internet Explorer : %%c>>%SystemDrive%\fixnavi.txt
@if %mmos%==0 (
@echo Filesystem type : %Typdisk%>>%SystemDrive%\fixnavi.txt
)
@echo.>>%SystemDrive%\fixnavi.txt
@if not defined safeboot_option @echo Search %modnormal%>>%SystemDrive%\fixnavi.txt
@if defined safeboot_option @echo Search %modechec%>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo Search for Navipromo %sver% started on %date% at %time%
@echo. 
@echo !!! Warning, this report may include legitimate files/programs !!!
@echo !!! Post this report at the forum you are being helped !!!
@echo !!! Don't continue with removal unless instructed by an authorized helper !!!
@echo.
@echo.
if %mmos%==0 (
@echo *** Searching for installed Software ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
)
)
:suite6

if %mmos%==1 (
@if exist "%SystemDrive%\unpffc0?.txt" @del /q "%SystemDrive%\unpffc0?.txt"
goto suite7
)

@echo.
@echo.
@if %langue%==fra @echo *** Recherche programmes installes *** 
@if %langue%==eng @echo *** Searching for installed software *** 
@echo.
@echo %patient%
@echo.

if exist "%SystemDrive%\unpffc03.txt" (
type "%SystemDrive%\unpffc03.txt" | find /i /V "Windows Live">>"%SystemDrive%\unpffc04.txt"
)
if exist "%SystemDrive%\unpffc04.txt" (
type "%SystemDrive%\unpffc04.txt" | find /i /V "Sound">>"%SystemDrive%\unpffc05.txt"
)
if exist "%SystemDrive%\unpffc05.txt" (
type "%SystemDrive%\unpffc05.txt" | find /i /V "Blaster">>"%SystemDrive%\unpffc06.txt"
)
if exist "%SystemDrive%\unpffc06.txt" (
type "%SystemDrive%\unpffc06.txt" | find /i /V "Creative">>"%SystemDrive%\unpffc07.txt"
)
if exist "%SystemDrive%\unpffc07.txt" (
type "%SystemDrive%\unpffc07.txt" | find /i /V "Oregon">>"%SystemDrive%\unpffc08.txt"
)

if exist "%SystemDrive%\unpffc08.txt" (
@FINDSTR /c:"Favorit" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"go-astro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"go-Astro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Go-astro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Go-Astro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"GoAstro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"goastro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Goastro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"goAstro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"GoRecord" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"HotTVPlayer" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"HotTvPlayer" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Instant Access" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Instant access" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"instant Access" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"instant access" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"InternetGameBox" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Live-Player" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"MailSkinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Mailskinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"mailskinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"mailSkinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"MessengerSkinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Messengerskinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"messengerskinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"messengerSkinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"SudoPlanet" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"WebMediaPlayer" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Web-Mediaplayer" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Web-mediaplayer" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"web-mediaplayer" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Web-Mediaplayer" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@echo.
@echo %rechter%
@echo.
)

@if exist "%SystemDrive%\unpffc0?.txt" @del /q "%SystemDrive%\unpffc0?.txt"

@goto suite7

:suite7

@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%WINDIR%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt

@echo.
@echo *** %reche% %dossier% %dans% "%WINDIR%" ***
@echo.
@echo %patient%
@echo.
pushd %WINDIR%

IF EXIST "mc" echo %WINDIR%\mc %strouv%>>%SystemDrive%\fixnavi.txt
IF EXIST "mslagent" echo %WINDIR%\mslagent %strouv%>>%SystemDrive%\fixnavi.txt
IF EXIST "msskinner" echo %WINDIR%\msskinner %strouv%>>%SystemDrive%\fixnavi.txt
IF EXIST "navmpc" echo %WINDIR%
avmpc %strouv%>>%SystemDrive%\fixnavi.txt
IF EXIST "simcss" echo %WINDIR%\simcss %strouv%>>%SystemDrive%\fixnavi.txt
IF EXIST "wincomp" echo %WINDIR%\wincomp %strouv%>>%SystemDrive%\fixnavi.txt
IF EXIST "winmgts" echo %WINDIR%\winmgts %strouv%>>%SystemDrive%\fixnavi.txt
IF EXIST "wintrim" echo %WINDIR%\wintrim %strouv%>>%SystemDrive%\fixnavi.txt

popd
@echo %rechter%
@echo.
@goto suite8

:suite8
@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%PROGRAMFILES%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt

@echo.
@echo *** %reche% %dossier% %dans% "%PROGRAMFILES%" *** 
@echo.
@echo %patient%
@echo.
pushd "%PROGRAMFILES%"
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.

@echo.>>%SystemDrive%\fixnavi.txt

if %vistaos%==1 (
pushd "%austartprg2%"
@echo *** %reche% %dossier% %dans% "%austartprg2%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%austartprg2%" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.
@echo.>>%SystemDrive%\fixnavi.txt
)

if %vistaos%==0 (
pushd "%ALLUSERSPROFILE%\%MENDPRG%"
@echo *** %reche% %dossier% %dans% "%ALLUSERSPROFILE%\%MENDPRG%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%ALLUSERSPROFILE%\%MENDPRG%" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.
@echo.>>%SystemDrive%\fixnavi.txt
)

if %vistaos%==1 (
pushd "%austartm2%"
@echo *** %reche% %dossier% %dans% "%austartm2%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%austartm2%" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.
)

if %vistaos%==0 (
pushd "%ALLUSERSPROFILE%\%MENDM%"
@echo *** %reche% %dossier% %dans% "%ALLUSERSPROFILE%\%MENDM%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%ALLUSERSPROFILE%\%MENDM%" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.
)

@goto suite8vista

:suite8vista
@if not %vistaos%==1 @goto suite8a
@pushd "%ProgramData%"
@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%ProgramData%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%ProgramData%" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.
@goto suite8vistab

:suite8vistab
@if not %vistaos%==1 @goto suite8a
pushd "%startprg2%" 2>NUL
@IF NOT ERRORLEVEL 1 (
@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%startprg2%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%startprg2%" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
)

if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

pushd "%systemdrive%\%VISTAUSE%" 2>NUL

for /f "tokens=*" %%G in ('dir /b /a:d  ^| find /v "All Users" ^| find /v "Default User" ^| find /v "Default" ^| find /v "Public" ^| find /v "%username%"') do echo %%~fsG>>"%temp%\session1.txt"

popd

if exist "%temp%\session1.txt" (
for /f "delims=" %%G in ('type "%temp%\session1.txt"') do (
pushd "%%G"
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session2.txt"
popd
)
)
)

if exist "%temp%\session2.txt" (
for /f "delims=" %%G in ('type "%temp%\session2.txt"') do (
pushd "%%G\%VISDEMPRG" 2>NUL
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session3.txt"
popd
)
)
)

if exist "%temp%\session3.txt" (
for /f "delims=" %%G in ('type "%temp%\session3.txt"') do (

pushd "%%G\%VISDEMPRG%" 2>NUL

@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%%G\%VISDEMPRG%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%%G\%VISDEMPRG%" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
echo %rechter%
@echo.
popd
)
)

if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

@goto suite8vistad

:suite8vistad
@if not %vistaos%==1 @goto suite8a
@if not %vista3%==1 @goto suite8a
@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%LOCALAPPDATA%\virtualstore\Program Files" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%LOCALAPPDATA%\virtualstore\Program Files" *** 
@echo.
@echo %patient%
@echo.
pushd "%LOCALAPPDATA%\virtualstore\Program Files"
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.

if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

pushd "%systemdrive%\%VISTAUSE%" 2>NUL

for /f "tokens=*" %%G in ('dir /b /a:d  ^| find /v "All Users" ^| find /v "Default User" ^| find /v "Default" ^| find /v "Public" ^| find /v "%username%"') do echo %%~fsG>>"%temp%\session1.txt"

popd

if exist "%temp%\session1.txt" (
for /f "delims=" %%G in ('type "%temp%\session1.txt"') do (
pushd "%%G"
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session2.txt"
popd
)
)
)

if exist "%temp%\session2.txt" (
for /f "delims=" %%G in ('type "%temp%\session2.txt"') do (
pushd "%%G\%VISTALOC%\virtualstore\Program Files" 2>NUL
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session3.txt"
popd
)
)
)

if exist "%temp%\session3.txt" (
for /f "delims=" %%G in ('type "%temp%\session3.txt"') do (

pushd "%%G\%VISTALOC%\virtualstore\Program Files" 2>NUL

@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%%G\%VISTALOC%\virtualstore\Program Files" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%%G\%VISTALOC%\virtualstore\Program Files" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.
)
)

if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

@goto suite8a

:suite8a
@if %vistaos%==1 @goto suite8b

@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%auppdata2%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%auppdata2%" ***
@echo.
@echo %patient%
@echo.
pushd "%auppdata2%"
call "%chemin%\Contents\Folders.bat"
popd
@echo. %rechter%
@echo.
@echo.>>%SystemDrive%\fixnavi.txt

@echo *** %reche% %dossier% %dans% "%USERPROFILE%\%APD%" *** | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%USERPROFILE%\%APD%" ***
@echo.
@echo %patient%
@echo.
pushd "%USERPROFILE%"
pushd "%APD%"
call "%chemin%\Contents\Folders.bat"
popd
popd
echo %rechter%
if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

pushd "%systemdrive%\%DOCSET%" 2>NUL

for /f "tokens=*" %%G in ('dir /b /a:d  ^| find /v "All Users" ^| find /v "Default User" ^| find /v "NetworkService" ^| find /v "LocalService" ^| find /v "%username%"') do echo %%~fsG>>"%temp%\session1.txt"

popd

if exist "%temp%\session1.txt" (
for /f "delims=" %%G in ('type "%temp%\session1.txt"') do (
pushd "%%G"
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session2.txt"
popd
)
)
)

if exist "%temp%\session2.txt" (
for /f "delims=" %%G in ('type "%temp%\session2.txt"') do (
pushd "%%G\%APD%" 2>NUL
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session3.txt"
popd
)
)
)

if exist "%temp%\session3.txt" (
for /f "delims=" %%G in ('type "%temp%\session3.txt"') do (
pushd "%%G\%APD%" 2>NUL
echo.>>%SystemDrive%\fixnavi.txt
echo *** %reche% %dossier% %dans% "%%G\%APD%" *** | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
echo.>>%SystemDrive%\fixnavi.txt
echo.
echo *** %reche% %dossier% %dans% "%%G\%APD%" ***
echo.
echo %patient%
echo.
call "%chemin%\Contents\Folders.bat"
popd
echo %rechter%
echo.
)
)
if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"


@echo.
@echo.>>%SystemDrive%\fixnavi.txt

@echo *** %reche% %dossier% %dans% "%USERPROFILE%\%LSAD%" *** | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%USERPROFILE%\%LSAD%" *** | "%chemin%\oem2ansi.exe"
@echo.
@echo %patient%
@echo.

pushd "%USERPROFILE%"
pushd "%LSAD%"
call "%chemin%\Contents\Folders.bat"
echo %rechter%
echo.
popd
popd

if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

pushd "%systemdrive%\%DOCSET%" 2>NUL

for /f "tokens=*" %%G in ('dir /b /a:d  ^| find /v "All Users" ^| find /v "Default User" ^| find /v "NetworkService" ^| find /v "LocalService" ^| find /v "%username%"') do echo %%~fsG>>"%temp%\session1.txt"

popd

if exist "%temp%\session1.txt" (
for /f "delims=" %%G in ('type "%temp%\session1.txt"') do (
pushd "%%G"
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session2.txt"
popd
)
)
)

if exist "%temp%\session2.txt" (
for /f "delims=" %%G in ('type "%temp%\session2.txt"') do (
pushd "%%G\%LSAD%" 2>NUL
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session3.txt"
popd
)
)
)

if exist "%temp%\session3.txt" (
for /f "delims=" %%G in ('type "%temp%\session3.txt"') do (
pushd "%%G\%LSAD%" 2>NUL
echo.>>%SystemDrive%\fixnavi.txt
echo *** %reche% %dossier% %dans% "%%G\%LSAD%" *** | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
echo.>>%SystemDrive%\fixnavi.txt
echo.
echo *** %reche% %dossier% %dans% "%%G\%LSAD%" ***
echo.
echo %patient%
echo.
call "%chemin%\Contents\Folders.bat"
popd
echo %rechter%
echo.
)
)
if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%USERPROFILE%\%MENDPRG%" *** | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%USERPROFILE%\%MENDPRG%" *** | "%chemin%\oem2ansi.exe"
@echo.
@echo %patient%
@echo.

pushd "%USERPROFILE%"
pushd "%MENDPRG%"
call "%chemin%\Contents\Folders.bat"
echo %rechter%
echo.
popd
popd

if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

pushd "%systemdrive%\%DOCSET%" 2>NUL

for /f "tokens=*" %%G in ('dir /b /a:d  ^| find /v "All Users" ^| find /v "Default User" ^| find /v "NetworkService" ^| find /v "LocalService" ^| find /v "%username%"') do echo %%~fsG>>"%temp%\session1.txt"

popd

if exist "%temp%\session1.txt" (
for /f "delims=" %%G in ('type "%temp%\session1.txt"') do (
pushd "%%G"
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session2.txt"
popd
)
)
)

if exist "%temp%\session2.txt" (
for /f "delims=" %%G in ('type "%temp%\session2.txt"') do (
pushd "%%G\%MENDPRG%" 2>NUL
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session3.txt"
popd
)
)
)

if exist "%temp%\session3.txt" (
for /f "delims=" %%G in ('type "%temp%\session3.txt"') do (
pushd "%%G\%MENDPRG%" 2>NUL
echo.>>%SystemDrive%\fixnavi.txt
echo *** %reche% %dossier% %dans% "%%G\%MENDPRG%" *** | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%%G\%MENDPRG%" *** | "%chemin%\oem2ansi.exe"
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
echo %rechter%
echo.
)
)
if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

@goto suite8b

:suite8b

if %vistaos%==0 goto suite9b

@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%APPDATA%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%APPDATA%" *** 
@echo.
@echo %patient%
@echo.
pushd "%APPDATA%"
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.

if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

pushd "%systemdrive%\%VISTAUSE%" 2>NUL

for /f "tokens=*" %%G in ('dir /b /a:d  ^| find /v "All Users" ^| find /v "Default User" ^| find /v "Default" ^| find /v "Public" ^| find /v "%username%"') do echo %%~fsG>>"%temp%\session1.txt"

popd

if exist

plopus · Answer

Salut

je comprend pourquoi le format de navilog n'est pas habituel...bref

Quel type de probleme as tu?

telecharge et fait un log hijacthis DO A SCAN AND SAVE THE LOG et poste le rapport
http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis

sevellec · Answer

bonjour et merci,
j'ai eu la surprise sur ma derniere facture de telephone d'avoir des n° surtaxe et notament durant mes 3 semaines de vacances je veux bien paye mes pas pour les autres.
mon systeme est tres lent vaussi bien au demarage de windows que pour internet
je voudrai me debarasser de ces rootkit ou hidden
je suis tombée en rade de ma neufbox je pensai que cela venait de ces saletes j'ai paye 89 euros pour nettoyage chez un informaticien pour rien car meme durant les deux mois d'interuption de ma ligne tel et d'internet j'ai recupere le rrotkit
pouvez vous m'aider a les suprimer et nettoyer mon systeme
je vous rzemercie de votre aide
junon16

plopus · Answer

ok telecharge navilog1 ici installe a partir de cette adresse car ton log montre des infections mais le formats est pas classique si jpuis dire
http://il.mafioso.pagesperso-orange.fr/Navifix/Navilog1.exe
puis fait option 1 te poste le rapport

sevellec · Answer

bonjour,
ci joint nouveau  rapport navilog
@rem Fix Navipromo 
@rem pour Windows 2000/XP/Vista exclusivement
@rem for Windows 2000/XP/Vista only
@rem Copyright IL-MAFIOSO
@rem Process.exe par Craig.Peacock added https://www.beyondlogic.org/
@rem Reboot.exe par Shadowar/Option^Explicit added
@rem Gnc.exe par IL-MAFIOSO - Credits : "Malware Analysis & Diagnostic"
@rem Catchme.exe par gmer added http://www.gmer.net
@rem Getpaths.exe par A.Rothstein

@echo off
TITLE Navilog1 by IL-MAFIOSO
COLOR 1F
@set chemin=%PROGRAMFILES%
avilog1

cd "%chemin%\Backupnavi" 2>NUL
if %errorlevel%==0 cd\
if %errorlevel%==1 md "%chemin%\Backupnavi"
cd "%chemin%\Safebackup" 2>NUL
if %errorlevel%==0 cd\
if %errorlevel%==1 md "%chemin%\Safebackup"
cd "%chemin%\Report" 2>NUL
if %errorlevel%==0 cd\
if %errorlevel%==1 md "%chemin%\Report"

@set genproc=0
@if exist "%systemdrive%\gennavi.txt" (
@set /a genproc=%genproc%+1
)

@set manutxt=0
@if exist "%chemin%\Navscript.txt" (
@set /a manutxt=%manutxt%+1
)

if %genproc%==1 (
set manutxt=0
@if exist "%chemin%\Navscript.txt" del /q "%chemin%\Navscript.txt"
)

%systemdrive%
cd\

@if exist "%chemin%\suppauto.txt" @goto scanreboot
@if exist "%chemin%\pasblbeta.txt" @goto scanreboot
@if exist "%chemin%\suppmanu.txt" @goto scanreboot

:choixlangue
echo          ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»
echo          º           Selectionnez votre langue               º
echo          º              Select your language                 º
echo          º                                                   º
echo          º           Tapez F ou f pour Francais        f
      º
echo          º                                                   º
echo          º           Tapez E ou e pour Anglais               º
echo          º                                                   º
echo          º           Tapez Q ou q pour Quitter               º
echo          º                                                   º
echo          º           Type F or f for French                  º
echo          º                                                   º
echo          º           Type E or e for English                 º
echo          º                                                   º 
echo          º           Q or q - Quitter (Exit)                 º
echo          º                                                   º
echo          ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼
@echo.
set /p choixlang=Votre choix puis validez/Your choice and then press enter (E,e,F,f,Q,q) : 
@if %choixlang%==e goto vareng
@if %choixlang%==E goto vareng
@if %choixlang%==F goto varfr
@if %choixlang%==f goto varfr
@if %choixlang%==Q goto exit
@if %choixlang%==q goto exit
@echo %choixlang% Erreur saisie !/Error on Choice ! 
@cls
@goto choixlangue

:scanreboot

@if exist "%chemin%\French.txt" @goto varfr
@if exist "%chemin%\English.txt" @goto vareng

:varfr
@set valeur=reg query "HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer" /v Version
@set version=findstr /I /L /C:"REG_SZ"
@set mmos=0
@set xpos=0
@set dsulsap=0
@set vistaos=0
@set vista1=0
@set vista2=0
@set vista3=0
@set vista4=0
@set strouv=trouvé !
@set tentsup=...suppression...
@set supdos=Suppression
@set ssupp=supprimé !
@set errsup=!!ERREUR SUPPRESSION!!
@set absent=absent !
@set patient=Veuillez patienter
@set rechter=Recherche terminee
@set rechin=Recherche dans
@set reche=Recherche
@set dossier=dossiers
@set fichier=fichiers
@set dans=dans
@set cop=Copie
@set dupli=réalisée avec succès !
@set sver=version 3.7.1
@set smiseajour=02.01.2009 à 19h00
@set modnormal=executé en mode normal
@set modechec=executé en mode sans échec
@set langue=fra
@set rapp=Rapport réalisé le
@set echec=Echec
@set dossback=vers dossier Backupnavi
@set non=non
@goto controlversion

:vareng
@set valeur=reg query "HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer" /v Version
@set version=findstr /I /L /C:"REG_SZ"
@set mmos=0
@set xpos=0
@set vistaos=0
@set vista1=0
@set vista2=0
@set vista3=0
@set vista4=0
@set strouv=found !
@set tentsup=...deleting...
@set supdos=Deleting
@set ssupp=deleted !
@set errsup=!!DELETING FAILED!!
@set absent=not found !
@set patient=Please wait
@set rechter=Search finished
@set rechin=Search in
@set reche=Search
@set dossier=folders
@set fichier=files
@set dans=in
@set cop=Copy
@set dupli=done !
@set sver=version 3.7.1
@set smiseajour=02.01.2009 at 19h00
@set modnormal=done in normal mode
@set modechec=done in safe mode
@set langue=eng
@set rapp=Scan completed
@set echec=Fail
@set dossback=to Backupnavi folder
@set non=no
@goto controlversion

:controlversion
@ver |find "Windows XP" >nul: 
@if %errorlevel%==1 goto controlversion2
@if %errorlevel%==0 (
@set /a xpos=%xpos%+1
@goto debut
)

:controlversion2
@set OSVersionSwap=%systemroot%	emp\osversionwap.txt
@set OsVersionTxt=%systemroot%	emp\osversion.txt
@ver | findstr "[" > %OSVersionSwap%
@for /f "tokens=2 delims=[" %%i in (%OSVersionSwap%) do echo %%i > %OsVersionTxt%
@for /f "tokens=2 delims=] " %%i in (%OsVersionTxt%) do set osversion=%%i
@if "%osversion%" LSS "6.0" goto controlversion3
@if not "%osversion%" LSS "6.0" (
@set /a vistaos=%vistaos%+1
@CD "%LOCALAPPDATA%\Microsoft" 2>NUL
@IF NOT ERRORLEVEL 1 set /a vista1=%vista1%+1
cd\
@CD "%LOCALAPPDATA%\virtualstore\windows\system32" 2>NUL
@IF NOT ERRORLEVEL 1 set /a vista2=%vista2%+1
cd\
@CD "%LOCALAPPDATA%\virtualstore\Program Files" 2>NUL
@IF NOT ERRORLEVEL 1 set /a vista3=%vista3%+1
cd\
@CD "%LOCALAPPDATA%" 2>NUL
@IF NOT ERRORLEVEL 1 set /a vista4=%vista4%+1
cd\
@goto debut
)

:controlversion3
@ver |find "Windows 2000" >nul: 
@if %errorlevel%==1 goto controlversion4
@if %errorlevel%==0 (
@set /a mmos=%mmos%+1
goto debut
)

:controlversion4
@ver |find "Windows Trust" >nul: 
@if %errorlevel%==1 goto mauvver
@if %errorlevel%==0 (
@set /a xpos=%xpos%+1
@goto debut
)

:mauvver
@cls
@echo.
@if %langue%==fra @echo Cet outil ne fonctionne que sous Windows 2000 / XP ou Vista
@if %langue%==eng @echo This fix runs only with Windows 2000 / XP or Vista 
@echo.
@if %langue%==fra @echo Desinstallez Navilog1 via ajout supp des programmes
@if %langue%==eng @echo Uninstall Navilog1 via add remove programs panel
@echo.
@if %langue%==fra @echo L'outil va être interrompu
@if %langue%==eng @echo Fix will be stopped
@echo.
@pause
@exit

:debut
@cls
@echo %patient%

@if not exist "%chemin%\GetPaths.exe" goto decompression

@if exist "%systemdrive%\GetPaths.bat" del /q "%systemdrive%\GetPaths.bat"
@call "%chemin%\GetPaths.exe"
@call "%systemdrive%\GetPaths.bat"
@if exist "%systemdrive%\GetPaths.bat" del /q "%systemdrive%\GetPaths.bat"

for /f "tokens=1-5 delims=\" %%A in ("%dsculsad2%" ) do (set DOCSET=%%B& set LS=%%D& set APD=%%E& set LSAD=%%D\%%E)

@if exist tempnav.txt del /q tempnav.txt
@echo %startprg2%>tempnav.txt
@for /f "tokens=4 delims=\" %%a in ('@type "tempnav.txt"') do (
@set "MENDM=%%a"
)
@for /f "tokens=5 delims=\" %%a in ('@type "tempnav.txt"') do (
@set PRGS=%%a
)
@set "MENDPRG=%MENDM%\%PRGS%"
@if exist tempnav.txt del /q tempnav.txt

@if %vistaos%==1 (
for /f "tokens=1-5 delims=\" %%A in ("%LocalAppData%") do (set VISTAUSE=%%B& set VISTAA=%%D& set VISTAB=%%E& set VISTALOC=%%D\%%E)
)

if %vistaos%==1 (
for /f "tokens=1-9 delims=\" %%A in ("%startprg2%") do (set VISDEMPRG=%%D\%%E\%%F\%%G\%%H\%%I& set ROAMVISTA=%%D\%%E)
)

if exist "%chemin%esvar.txt" del /q "%chemin%esvar.txt"

if %vistaos%==1 (
echo %VISTAUSE%>>"%chemin%esvar.txt"
echo %VISTAA%>>"%chemin%esvar.txt"
echo %VISTAB%>>"%chemin%esvar.txt"
)
if %vistaos%==0 (
echo %DOCSET%>>"%chemin%esvar.txt"
echo %LS%>>"%chemin%esvar.txt"
echo %APD%>>"%chemin%esvar.txt"
)
if exist "%chemin%esvar.txt" (
FINDSTR /c:"ECHO" "%chemin%esvar.txt"
if not errorlevel 1 goto mauvpat
)
if exist "%chemin%esvar.txt" del /q "%chemin%esvar.txt"

@if %mmos%==0 (
@if exist tmp.txt del tmp.txt
@if exist tmp2.txt del tmp2.txt
@if exist tmp3.txt del tmp3.txt
@chkntfs %systemdrive% | find /V "%systemdrive%">tmp.txt
@type tmp.txt | find /i "NTFS">tmp2.txt
@for /f "tokens=* delims=" %%a in (tmp2.txt) do echo %%a>tmp3.txt
@if exist tmp3.txt set Typdisk=NTFS
@if exist tmp3.txt del tmp3.txt
@type tmp.txt | find /i "FAT32">tmp2.txt
@for /f "tokens=* delims=" %%a in (tmp2.txt) do echo %%a>tmp3.txt
@if exist tmp3.txt set Typdisk=FAT32
@if exist tmp.txt del tmp.txt
@if exist tmp2.txt del tmp2.txt
@if exist tmp3.txt del tmp3.txt
)

goto lancement

:lancement

if exist "%chemin%\Folders1.txt" del /q "%chemin%\Folders1.txt"
if exist "%chemin%\Folders2.txt" del /q "%chemin%\Folders2.txt"

@if exist "%chemin%\suppauto.txt" @goto startclean
@if exist "%chemin%\pasblbeta.txt" @goto startclean
@if exist "%chemin%\suppmanu.txt" @goto startclean

@echo off
@cls
@if %langue%==fra (
@echo !!! Avertissement !!!
@echo.
@echo Cet outil a ete concu pour traiter un certain type d'infection bien precis
@echo.
@echo Ne l'utilisez que lorsqu'une personne competente vous l'aura demande
@echo et suivez scrupuleusement ses instructions.
@echo.
@echo Tout usage par votre propre initiative ou modification du batch
@echo engagera votre entiere responsabilite.
@echo.
@pause
@cls
@echo.
@echo Cet outil a ete teste plusieurs fois sur un PC volontairement infecte.
@echo Aucune defaillance n'a ete constatee apres utilisation de cet outil sur le PC
@echo Toute infection, quelle qu'elle soit, une fois installee peut causer des dommages sur votre ordinateur.
@echo La desinfection, quelle qu'elle soit, peut dans certains cas entrainer des anomalies de fonctionnement.
@echo Nous ne pourrions etre tenus comme responsables de toute defaillance ulterieure apres application de cet outil.
@echo.
@echo Remerciements a Metallica, gmer, S!ri, Bobby Flekman
@echo Remerciements a Malware analysis and Diagnostic
@echo Remerciements a A.Rothstein, bobette marlow, Eric_71 et synthexe
@echo.
@pause
@goto decompression
)
if %langue%==eng (
@echo                   !!! Warning !!!
@echo.
@echo   This fix was developed to detect and remove a specific adware.
@echo.
@echo Do not use this program unless instructed by an authorized
@echo helper, and follow the instructions as given by the Helper.
@echo.
@echo               Use it at your own risk.
@echo.
@pause
@cls
@echo.
@echo This fix has been tested on several computers infected with this 
@echo adware. No problems had been detected after the use of the fix.
@echo.
@echo Viral infections can cause damage on your computer
@echo Cleaning the malware, however, can sometimes cause issues in 
@echo your computer. We cannot be responsible for these issues.
@echo.
@echo Thanks to Metallica, gmer, S!ri, Bobby Flekman
@echo Thanks to Malware analysis and Diagnostic
@echo Thanks to A.Rothstein, bobette marlow and synthexe
@echo.
@pause
@goto decompression
)

:decompression
@cls
@if %langue%==fra @echo Verification installation/emplacement fichiers navilog1
@if %langue%==eng @echo Checking if the installation of navilog1 was done correctly.
@echo.
@echo %patient%
REM @if not exist "%chemin%\process.exe" (
REM @if %langue%==fra @echo Fichier process.exe %absent%
REM @if %langue%==eng @echo File process.exe %absent%
REM @if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
REM @if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
REM @echo.
REM @if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
REM @if %langue%==eng @echo If persisting trouble, report this problem to the Helper
REM @echo.
REM @pause
REM @goto exit
REM )
@if not exist "%chemin%\catchme.exe" (
@if %langue%==fra @echo Fichier catchme.exe %absent%
@if %langue%==eng @echo File catchme.exe %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Navreb.bat" (
@if %langue%==fra @echo Fichier Navreb.bat %absent%
@if %langue%==eng @echo File Navreb.bat %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%egnavi.reg" (
@if %langue%==fra @echo Fichier regnavi.reg %absent%
@if %langue%==eng @echo File regnavi.reg %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Filess.bat" (
@if %langue%==fra @echo Fichier Filess.bat %absent%
@if %langue%==eng @echo File Filess.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Folders.bat" (
@if %langue%==fra @echo Fichier Folders.bat %absent%
@if %langue%==eng @echo File Folders.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Folderss.bat" (
@if %langue%==fra @echo Fichier Folderss.bat %absent%
@if %langue%==eng @echo File Folderss.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Gnc2.bat" (
@if %langue%==fra @echo Fichier Gnc2.bat %absent%
@if %langue%==eng @echo File Gnc2.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Gnc2su.bat" (
@if %langue%==fra @echo Fichier Gnc2su.bat %absent%
@if %langue%==eng @echo File Gnc2su.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Gncs.bat" (
@if %langue%==fra @echo Fichier Gncs.bat %absent%
@if %langue%==eng @echo File Gncs.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Gncssfil.bat" (
@if %langue%==fra @echo Fichier Gncssfil.bat %absent%
@if %langue%==eng @echo File Gncssfil.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Heurs.bat" (
@if %langue%==fra @echo Fichier Heurs.bat %absent%
@if %langue%==eng @echo File Heurs.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Orphus.bat" (
@if %langue%==fra @echo Fichier Orphus.bat %absent%
@if %langue%==eng @echo File Orphus.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Heurss.bat" (
@if %langue%==fra @echo Fichier Heurss.bat %absent%
@if %langue%==eng @echo File Heurss.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Wlist.bat" (
@if %langue%==fra @echo Fichier Wlist.bat %absent%
@if %langue%==eng @echo File Wlist.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%	raite.bat" (
@if %langue%==fra @echo Fichier traite.bat %absent%
@if %langue%==eng @echo File traite.bat %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%	raite2.bat" (
@if %langue%==fra @echo Fichier traite2.bat %absent%
@if %langue%==eng @echo File traite2.bat %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%	raite3.bat" (
@if %langue%==fra @echo Fichier traite3.bat %absent%
@if %langue%==eng @echo File traite3.bat %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%
avilog1.bat" (
@if %langue%==fra @echo Fichier navilog1.bat %absent%
@if %langue%==eng @echo File navilog1.bat %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\gnc.exe" (
@if %langue%==fra @echo Fichier gnc.exe %absent%
@if %langue%==eng @echo File gnc.exe %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\GetPaths.exe" (
@if %langue%==fra @echo Fichier GetPaths.exe %absent%
@if %langue%==eng @echo File GetPaths.exe %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%eg.exe" (
@if %langue%==fra @echo Fichier reg.exe %absent%
@if %langue%==eng @echo File reg.exe %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\oem2ansi.exe" (
@if %langue%==fra @echo Fichier oem2ansi.exe %absent%
@if %langue%==eng @echo File oem2ansi.exe %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\OsV.exe" (
@if %langue%==fra @echo Fichier OsV.exe %absent%
@if %langue%==eng @echo File OsV.exe %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
REM @if %mmos%==1 (
REM @if not exist "%chemin%eboot.exe" (
REM @if %langue%==fra @echo Fichier reboot.exe %absent%
REM @if %langue%==eng @echo File reboot.exe %absent%
REM @if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
REM @if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
REM @echo.
REM @if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
REM @if %langue%==eng @echo If persisting trouble, report this problem to the Helper
REM @echo.
REM @pause
REM @goto exit
REM )
REM )
@echo.
@if %langue%==fra @echo Vous avez correctement installe navilog1 !
@if %langue%==eng @echo You've correctly installed navilog1 !
@echo.
@pause
@goto menu

:menu
@echo off
@if exist "%SystemDrive%\unpffc0?.txt" @del /q "%SystemDrive%\unpffc0?.txt"
@if exist "%chemin%egnavi1.reg" @del /q "%chemin%egnavi1.reg"

@cls

@if %manutxt%==1 goto nett0

@if %langue%==fra goto menufr
@if %langue%==eng goto menuen

:menufr
echo.
echo ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»
echo º             Fix Navipromo %sver%           º
echo º             (Uniquement 2000 / XP et Vista)       º
echo º                                                   º
echo º 1 - Recherche  1
                                   º
echo º                                                   º
echo º 2 - Desinfection automatique                      º
echo º                                                   º
echo º 3 - Desinfection automatique                      º
echo º     sans prise en charge resultats Catchme/GNS    º
echo º                                                   º
echo º 4 - Desinfection manuelle par saisie nom adware   º
echo º                                                   º 
echo º Q - Quitter                                       º
echo º                                                   º
echo ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼
echo.
set /p choix=Votre choix 1,2,3,4,Q puis validez : 
@if %choix%==1 goto list1
@if %choix%==2 goto nett0
@if %choix%==3 goto nett0
@if %choix%==4 goto nett0
@if %choix%==Q goto :eof
@if %choix%==q goto :eof
@echo %choix% Erreur saisie dans le choix ! 
@goto menu

:menuen

echo.
echo ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»
echo º             Fix Navipromo %sver%           º
echo º             (Only for Windows 2000 / XP or Vista) º
echo º                                                   º
echo º 1 - Search                                        º
echo º                                                   º
echo º 2 - Automatic cleaning                            º
echo º                                                   º
echo º 3 - Automatic cleaning                            º
echo º     without results from Catchme/GNS scan         º
echo º                                                   º
echo º 4 - Manual removal by typing the adware name      º
echo º                                                   º 
echo º Q - Exit                                          º
echo º                                                   º
echo ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼
echo.
set /p choix=Type your choice 1,2,3,4,Q and then press enter: 
@if %choix%==1 goto list1
@if %choix%==2 goto nett0
@if %choix%==3 goto nett0
@if %choix%==4 goto nett0
@if %choix%==Q goto :eof
@if %choix%==q goto :eof
@echo %choix% Error on choice ! 
@goto menu

:list1

@cls
@if exist "%chemin%\pbright.txt" @del /q "%chemin%\pbright.txt"
@if exist "%chemin%\suppauto.txt" @del /q "%chemin%\suppauto.txt"
@if exist "%chemin%\pasblbeta.txt" @del /q "%chemin%\pasblbeta.txt"
@if exist "%chemin%\suppmanu.txt" @del /q "%chemin%\suppmanu.txt"
@if exist "%chemin%\adwaremanu.txt" del /q "%chemin%\adwaremanu.txt"
@if exist "%chemin%\French.txt" @del /q "%chemin%\French.txt"
@if exist "%chemin%\English.txt" @del /q "%chemin%\English.txt"
@if exist "%chemin%\gnc1t.txt" del /q "%chemin%\gnc1t.txt"
@if exist "%chemin%\gncsuspt.txt" del /q "%chemin%\gncsuspt.txt"
@if exist "%chemin%echerok.txt" del /q "%chemin%echerok.txt"
@if exist "%chemin%egnavi1.reg" del /q "%chemin%egnavi1.reg"
@if exist "%chemin%\horfile.txt" del /q "%chemin%\horfile.txt"

if exist "%SystemDrive%\fixnavi.txt" del /q "%SystemDrive%\fixnavi.txt"

cd "%chemin%\Report" 2>NUL
if %errorlevel%==0 cd\
if %errorlevel%==1 md "%chemin%\Report"

@if %mmos%==1 (
@if not exist "%windir%\system32eg.exe" @copy "%chemin%eg.exe" "%windir%\system32" >NUL
)

@echo off
@echo.
@if %langue%==fra @echo Creation de la liste des programmes installes
@if %langue%==eng @echo Creating  a list of installed Software
@echo.
@echo %patient%
@echo.

(
@for /f "tokens=7 delims=\" %%a in ('@reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"') do (
@reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\%%a" /v DisplayName 2>NUL>>%SystemDrive%\unpffc01.txt)
@for /f "tokens=3* delims=	" %%a in (%SystemDrive%\unpffc01.txt) do (
@echo %%a>>%SystemDrive%\unpffc02.txt)
@sort "%SystemDrive%\unpffc02.txt">"%SystemDrive%\unpffc03.txt"
if exist "%SystemDrive%\unpffc02.txt" del /q "%SystemDrive%\unpffc02.txt"
if exist "%SystemDrive%\unpffc01.txt" del /q "%SystemDrive%\unpffc01.txt"
)

@echo off
:list2
@if %langue%==fra (
@echo Search Navipromo %sver% commencé le %date% à %time%>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!>>%SystemDrive%\fixnavi.txt
@echo !!! Postez ce rapport sur le forum pour le faire analyser !!!>>%SystemDrive%\fixnavi.txt
@echo !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo Outil exécuté depuis %chemin%>>%SystemDrive%\fixnavi.txt
REM @echo Session actuelle : "%username%" | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo Mise à jour le %smiseajour% par IL-MAFIOSO>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
REM @if not %vistaos%==1 (
REM @ver>>%SystemDrive%\fixnavi.txt
REM )
REM @if %vistaos%==1 (
REM @echo Microsoft Windows Vista %osversion% >>%SystemDrive%\fixnavi.txt
REM )
REM @for /f "tokens=1,2,3" %%a in ('%valeur%^|%version%') do @echo Internet Explorer : %%c >>%SystemDrive%\fixnavi.txt
REM @if %mmos%==0 (
REM @echo Système de fichiers : %Typdisk%>>%SystemDrive%\fixnavi.txt
REM )
if exist "%chemin%\OsV.exe" (
call "%chemin%\OsV.exe">>%SystemDrive%\fixnavi.txt
)
@echo.>>%SystemDrive%\fixnavi.txt
@if not defined safeboot_option @echo Recherche %modnormal%>>%SystemDrive%\fixnavi.txt
@if defined safeboot_option @echo Recherche %modechec%>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo Search Navipromo %sver% commence le %date% a %time%
@echo. 
@echo !!! Attention,ce rapport peut indiquer des fichiers/programmes legitimes !!!
@echo !!! Postez ce rapport sur le forum pour le faire analyser !!!
@echo !!! Ne lancez pas la partie desinfection sans l'avis d'un specialiste !!!
@echo.
@echo.
if %mmos%==0 (
@echo *** Recherche Programmes installés ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
)
)

@if %langue%==eng (
@echo Search Navipromo %sver% began on %date% at %time%>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo !!! Warning, this report may include legitimate files/programs !!!>>%SystemDrive%\fixnavi.txt
@echo !!! Post this report on the forum you are being helped !!!>>%SystemDrive%\fixnavi.txt
@echo !!! Don't continue with removal unless instructed by an authorized helper !!!>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo Fix running from %chemin%>>%SystemDrive%\fixnavi.txt
REM @echo Actual User Account : "%username%" | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo Updated on %smiseajour% by IL-MAFIOSO>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
REM @if not %vistaos%==1 (
REM @ver>>%SystemDrive%\fixnavi.txt
REM )
REM @if %vistaos%==1 (
REM @echo Microsoft Windows Vista %osversion% >>%SystemDrive%\fixnavi.txt
REM )
REM @for /f "tokens=1,2,3" %%a in ('%valeur%^|%version%') do @echo Version Internet Explorer : %%c>>%SystemDrive%\fixnavi.txt
REM @if %mmos%==0 (
REM @echo Filesystem type : %Typdisk%>>%SystemDrive%\fixnavi.txt
REM )
if exist "%chemin%\OsV.exe" (
call "%chemin%\OsV.exe">>fixnavi.txt
)
@echo.>>%SystemDrive%\fixnavi.txt
@if not defined safeboot_option @echo Search %modnormal%>>%SystemDrive%\fixnavi.txt
@if defined safeboot_option @echo Search %modechec%>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo Search for Navipromo %sver% started on %date% at %time%
@echo. 
@echo !!! Warning, this report may include legitimate files/programs !!!
@echo !!! Post this report at the forum you are being helped !!!
@echo !!! Don't continue with removal unless instructed by an authorized helper !!!
@echo.
@echo.
if %mmos%==0 (
@echo *** Searching for installed Software ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
)
)
:suite6

if %mmos%==1 (
@if exist "%SystemDrive%\unpffc0?.txt" @del /q "%SystemDrive%\unpffc0?.txt"
goto suite7
)

@echo.
@echo.
@if %langue%==fra @echo *** Recherche programmes installes *** 
@if %langue%==eng @echo *** Searching for installed software *** 
@echo.
@echo %patient%
@echo.

if exist "%SystemDrive%\unpffc03.txt" (
type "%SystemDrive%\unpffc03.txt" | find /i /V "Windows Live">>"%SystemDrive%\unpffc04.txt"
)
if exist "%SystemDrive%\unpffc04.txt" (
type "%SystemDrive%\unpffc04.txt" | find /i /V "Sound">>"%SystemDrive%\unpffc05.txt"
)
if exist "%SystemDrive%\unpffc05.txt" (
type "%SystemDrive%\unpffc05.txt" | find /i /V "Blaster">>"%SystemDrive%\unpffc06.txt"
)
if exist "%SystemDrive%\unpffc06.txt" (
type "%SystemDrive%\unpffc06.txt" | find /i /V "Creative">>"%SystemDrive%\unpffc07.txt"
)
if exist "%SystemDrive%\unpffc07.txt" (
type "%SystemDrive%\unpffc07.txt" | find /i /V "Oregon">>"%SystemDrive%\unpffc08.txt"
)

if exist "%SystemDrive%\unpffc08.txt" (
@FINDSTR /c:"Favorit" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"go-astro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"go-Astro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Go-astro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Go-Astro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"GoAstro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"goastro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Goastro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"goAstro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"GoRecord" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"HotTVPlayer" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"HotTvPlayer" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Instant Access" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Instant access" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"instant Access" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"instant access" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"InternetGameBox" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Live-Player" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"MailSkinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Mailskinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"mailskinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"mailSkinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"MessengerSkinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Messengerskinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"messengerskinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"messengerSkinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"SudoPlanet" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"WebMediaPlayer" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Web-Mediaplayer" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Web-mediaplayer" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"web-mediaplayer" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Web-Mediaplayer" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@echo.
@echo %rechter%
@echo.
)

@if exist "%SystemDrive%\unpffc0?.txt" @del /q "%SystemDrive%\unpffc0?.txt"

@goto suite7

:suite7

@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%WINDIR%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt

@echo.
@echo *** %reche% %dossier% %dans% "%WINDIR%" ***
@echo.
@echo %patient%
@echo.
pushd %WINDIR%

IF EXIST "mc" echo %WINDIR%\mc %strouv%>>%SystemDrive%\fixnavi.txt
IF EXIST "mslagent" echo %WINDIR%\mslagent %strouv%>>%SystemDrive%\fixnavi.txt
IF EXIST "msskinner" echo %WINDIR%\msskinner %strouv%>>%SystemDrive%\fixnavi.txt
IF EXIST "navmpc" echo %WINDIR%
avmpc %strouv%>>%SystemDrive%\fixnavi.txt
IF EXIST "simcss" echo %WINDIR%\simcss %strouv%>>%SystemDrive%\fixnavi.txt
IF EXIST "wincomp" echo %WINDIR%\wincomp %strouv%>>%SystemDrive%\fixnavi.txt
IF EXIST "winmgts" echo %WINDIR%\winmgts %strouv%>>%SystemDrive%\fixnavi.txt
IF EXIST "wintrim" echo %WINDIR%\wintrim %strouv%>>%SystemDrive%\fixnavi.txt

popd
@echo %rechter%
@echo.
@goto suite8

:suite8
@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%PROGRAMFILES%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt

@echo.
@echo *** %reche% %dossier% %dans% "%PROGRAMFILES%" *** 
@echo.
@echo %patient%
@echo.
pushd "%PROGRAMFILES%"
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.

@echo.>>%SystemDrive%\fixnavi.txt

if %vistaos%==1 (
pushd "%austartprg2%"
@echo *** %reche% %dossier% %dans% "%austartprg2%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%austartprg2%" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.
@echo.>>%SystemDrive%\fixnavi.txt
)

if %vistaos%==0 (
pushd "%ALLUSERSPROFILE%\%MENDPRG%"
@echo *** %reche% %dossier% %dans% "%ALLUSERSPROFILE%\%MENDPRG%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%ALLUSERSPROFILE%\%MENDPRG%" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.
@echo.>>%SystemDrive%\fixnavi.txt
)

if %vistaos%==1 (
pushd "%austartm2%"
@echo *** %reche% %dossier% %dans% "%austartm2%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%austartm2%" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.
)

if %vistaos%==0 (
pushd "%ALLUSERSPROFILE%\%MENDM%"
@echo *** %reche% %dossier% %dans% "%ALLUSERSPROFILE%\%MENDM%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%ALLUSERSPROFILE%\%MENDM%" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.
)

@goto suite8vista

:suite8vista
@if not %vistaos%==1 @goto suite8a
@pushd "%ProgramData%"
@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%ProgramData%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%ProgramData%" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.
@goto suite8vistab

:suite8vistab
@if not %vistaos%==1 @goto suite8a
pushd "%startprg2%" 2>NUL
@IF NOT ERRORLEVEL 1 (
@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%startprg2%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%startprg2%" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
)

if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

pushd "%systemdrive%\%VISTAUSE%" 2>NUL

for /f "tokens=*" %%G in ('dir /b /a:d  ^| find /v "All Users" ^| find /v "Default User" ^| find /v "Default" ^| find /v "Public" ^| find /v "%username%"') do echo %%~fsG>>"%temp%\session1.txt"

popd

if exist "%temp%\session1.txt" (
for /f "delims=" %%G in ('type "%temp%\session1.txt"') do (
pushd "%%G"
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session2.txt"
popd
)
)
)

if exist "%temp%\session2.txt" (
for /f "delims=" %%G in ('type "%temp%\session2.txt"') do (
pushd "%%G\%VISDEMPRG" 2>NUL
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session3.txt"
popd
)
)
)

if exist "%temp%\session3.txt" (
for /f "delims=" %%G in ('type "%temp%\session3.txt"') do (

pushd "%%G\%VISDEMPRG%" 2>NUL

@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%%G\%VISDEMPRG%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%%G\%VISDEMPRG%" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
echo %rechter%
@echo.
popd
)
)

if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

@goto suite8vistad

:suite8vistad
@if not %vistaos%==1 @goto suite8a
@if not %vista3%==1 @goto suite8a
@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%LOCALAPPDATA%\virtualstore\Program Files" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%LOCALAPPDATA%\virtualstore\Program Files" *** 
@echo.
@echo %patient%
@echo.
pushd "%LOCALAPPDATA%\virtualstore\Program Files"
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.

if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

pushd "%systemdrive%\%VISTAUSE%" 2>NUL

for /f "tokens=*" %%G in ('dir /b /a:d  ^| find /v "All Users" ^| find /v "Default User" ^| find /v "Default" ^| find /v "Public" ^| find /v "%username%"') do echo %%~fsG>>"%temp%\session1.txt"

popd

if exist "%temp%\session1.txt" (
for /f "delims=" %%G in ('type "%temp%\session1.txt"') do (
pushd "%%G"
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session2.txt"
popd
)
)
)

if exist "%temp%\session2.txt" (
for /f "delims=" %%G in ('type "%temp%\session2.txt"') do (
pushd "%%G\%VISTALOC%\virtualstore\Program Files" 2>NUL
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session3.txt"
popd
)
)
)

if exist "%temp%\session3.txt" (
for /f "delims=" %%G in ('type "%temp%\session3.txt"') do (

pushd "%%G\%VISTALOC%\virtualstore\Program Files" 2>NUL

@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%%G\%VISTALOC%\virtualstore\Program Files" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%%G\%VISTALOC%\virtualstore\Program Files" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.
)
)

if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

@echo.>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt

pushd "%LOCALAPPDATA%"
@echo *** %reche% %dossier% %dans% "%LOCALAPPDATA%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%LOCALAPPDATA%" ***
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.
@echo.>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt

if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

pushd "%systemdrive%\%VISTAUSE%" 2>NUL

for /f "tokens=*" %%G in ('dir /b /a:d  ^| find /v "All Users" ^| find /v "Default User" ^| find /v "Default" ^| find /v "Public" ^| find /v "%username%"') do echo %%~fsG>>"%temp%\session1.txt"

popd

if exist "%temp%\session1.txt" (
for /f "delims=" %%G in ('type "%temp%\session1.txt"') do (
pushd "%%G"
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session2.txt"
popd
)
)
)

if exist "%temp%\session2.txt" (
for /f "delims=" %%G in ('type "%temp%\session2.txt"') do (
pushd "%%G\%VISTALOC%" 2>NUL
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session3.txt"
popd
)
)
)

if exist "%temp%\session3.txt" (
for /f "delims=" %%G in ('type "%temp%\session3.txt"') do (
pushd "%%G\%VISTALOC%" 2>NUL
echo *** %reche% %dossier% %dans% "%%G\%VISTALOC%" *** | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
echo.>>%SystemDrive%\fixnavi.txt
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.
@echo.>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
)
)
if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

@goto suite8a

:suite8a
@if %vistaos%==1 @goto suite8b

@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%auppdata2%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%auppdata2%" ***
@echo.
@echo %patient%
@echo.
pushd "%auppdata2%"
call "%chemin%\Contents\Folders.bat"
popd
@echo. %rechter%
@echo.
@echo.>>%SystemDrive%\fixnavi.txt

@echo *** %reche% %dossier% %dans% "%USERPROFILE%\%APD%" *** | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%USERPROFILE%\%APD%" ***
@echo.
@echo %patient%
@echo.
pushd "%USERPROFILE%"
pushd "%APD%"
call "%chemin%\Contents\Folders.bat"
popd
popd
echo %rechter%
if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

pushd "%systemdrive%\%DOCSET%" 2>NUL

for /f "tokens=*" %%G in ('dir /b /a:d  ^| find /v "All Users" ^| find /v "Default User" ^| find /v "NetworkService" ^| find /v "LocalService" ^| find /v "%username%"') do echo %%~fsG>>"%temp%\session1.txt"

popd

if exist "%temp%\session1.txt" (
for /f "delims=" %%G in ('type "%temp%\session1.txt"') do (
pushd "%%G"
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session2.txt"
popd
)
)
)

if exist "%temp%\session2.txt" (
for /f "delims=" %%G in ('type "%temp%\session2.txt"') do (
pushd "%%G\%APD%" 2>NUL
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session3.txt"
popd
)
)
)

if exist "%temp%\session3.txt" (
for /f "delims=" %%G in ('type "%temp%\session3.txt"') do (
pushd "%%G\%APD%" 2>NUL
echo.>>%SystemDrive%\fixnavi.txt
echo *** %reche% %dossier% %dans% "%%G\%APD%" *** | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
echo.>>%SystemDrive%\fixnavi.txt
echo.
echo *** %reche% %dossier% %dans% "%%G\%APD%" ***
echo.
echo %patient%
echo.
call "%chemin%\Contents\Folders.bat"
popd
echo %rechter%
echo.
)
)
if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"


@echo.
@echo.>>%SystemDrive%\fixnavi.txt

@echo *** %reche% %dossier% %dans% "%USERPROFILE%\%LSAD%" *** | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%USERPROFILE%\%LSAD%" *** | "%chemin%\oem2ansi.exe"
@echo.
@echo %patient%
@echo.

pushd "%USERPROFILE%"
pushd "%LSAD%"
call "%chemin%\Contents\Folders.bat"
echo %rechter%
echo.
popd
popd

if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

pushd "%systemdrive%\%DOCSET%" 2>NUL

for /f "tokens=*" %%G in ('dir /b /a:d  ^| find /v "All Users" ^| find /v "Default User" ^| find /v "NetworkService" ^| find /v "LocalService" ^| find /v "%username%"') do echo %%~fsG>>"%temp%\session1.txt"

popd

if exist "%temp%\session1.txt" (
for /f "delims=" %%G in ('type "%temp%\session1.txt"') do (
pushd "%%G"
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session2.txt"
popd
)
)
)

if exist "%temp%\session2.txt" (
for /f "delims=" %%G in ('type "%temp%\session2.txt"') do (
pushd "%%G\%LSAD%" 2>NUL
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session3.txt"
popd
)
)
)

if exist "%temp%\session3.txt" (
for /f "delims=" %%G in ('type "%temp%\session3.txt"') do (
pushd "%%G\%LSAD%" 2>NUL
echo.>>%SystemDrive%\fixnavi.txt
echo *** %reche% %dossier% %dans% "%%G\%LSAD%" *** | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
echo.>>%SystemDrive%\fixnavi.txt
echo.
echo *** %reche% %dossier% %dans% "%%G\%LSAD%" ***
echo.
echo %patient%
echo.
call "%chemin%\Contents\Folders.bat"
popd
echo %rechter%
echo.
)
)
if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%USERPROFILE%\%MENDPRG%" *** | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%USERPROFILE%\%MENDPRG%" *** | "%chemin%\oem2ansi.exe"
@echo.
@echo %patient%
@echo.

pushd "%USERPROFILE%"
pushd "%MENDPRG%"
call "%chemin%\Contents\Folders.bat"
echo %rechter%
echo.
popd
popd

if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

pushd "%systemdrive%\%DOCSET%" 2>NUL

for /f "tokens=*" %%G in ('dir /b /a:d  ^| find /v "All Users" ^| find /v "Default User" ^| find /v "NetworkService" ^| find /v "

plopus · Answer

relance nailog et fait option 2 puis poste le rapport

telecharge hijacthis

https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html

et choisit DO A SCAN AND SAVE THE LOG et poste le rapport

sevellec · Answer

rebonjour
voici le rapport navilog en option 2 hisjackthis
j'ai eu un boqueur au moment du telechargement sur 01dunetcle par spy bot: http/yiemanager.com/?ad type =ifram identifie rightmedia.
navilog:
@rem Fix Navipromo 
@rem pour Windows 2000/XP/Vista exclusivement
@rem for Windows 2000/XP/Vista only
@rem Copyright IL-MAFIOSO
@rem Process.exe par Craig.Peacock added https://www.beyondlogic.org/
@rem Reboot.exe par Shadowar/Option^Explicit added
@rem Gnc.exe par IL-MAFIOSO - Credits : "Malware Analysis & Diagnostic"
@rem Catchme.exe par gmer added http://www.gmer.net
@rem Getpaths.exe par A.Rothstein

@echo off
TITLE Navilog1 by IL-MAFIOSO
COLOR 1F
@set chemin=%PROGRAMFILES%
avilog1

cd "%chemin%\Backupnavi" 2>NUL
if %errorlevel%==0 cd\
if %errorlevel%==1 md "%chemin%\Backupnavi"
cd "%chemin%\Safebackup" 2>NUL
if %errorlevel%==0 cd\
if %errorlevel%==1 md "%chemin%\Safebackup"
cd "%chemin%\Report" 2>NUL
if %errorlevel%==0 cd\
if %errorlevel%==1 md "%chemin%\Report"

@set genproc=0
@if exist "%systemdrive%\gennavi.txt" (
@set /a genproc=%genproc%+1
)

@set manutxt=0
@if exist "%chemin%\Navscript.txt" (
@set /a manutxt=%manutxt%+1
)

if %genproc%==1 (
set manutxt=0
@if exist "%chemin%\Navscript.txt" del /q "%chemin%\Navscript.txt"
)

%systemdrive%
cd\

@if exist "%chemin%\suppauto.txt" @goto scanreboot
@if exist "%chemin%\pasblbeta.txt" @goto scanreboot
@if exist "%chemin%\suppmanu.txt" @goto scanreboot

:choixlangue
echo          ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»
echo          º           Selectionnez votre langue               º
echo          º              Select your language                 º
echo          º                                                   º
echo          º           Tapez F ou f pour Francais        f
      º
echo          º                                                   º
echo          º           Tapez E ou e pour Anglais               º
echo          º                                                   º
echo          º           Tapez Q ou q pour Quitter               º
echo          º                                                   º
echo          º           Type F or f for French                  º
echo          º                                                   º
echo          º           Type E or e for English                 º
echo          º                                                   º 
echo          º           Q or q - Quitter (Exit)                 º
echo          º                                                   º
echo          ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼
@echo.
set /p choixlang=Votre choix puis validez/Your choice and then press enter (E,e,F,f,Q,q) : 
@if %choixlang%==e goto vareng
@if %choixlang%==E goto vareng
@if %choixlang%==F goto varfr
@if %choixlang%==f goto varfr
@if %choixlang%==Q goto exit
@if %choixlang%==q goto exit
@echo %choixlang% Erreur saisie !/Error on Choice ! 
@cls
@goto choixlangue

:scanreboot

@if exist "%chemin%\French.txt" @goto varfr
@if exist "%chemin%\English.txt" @goto vareng

:varfr
@set valeur=reg query "HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer" /v Version
@set version=findstr /I /L /C:"REG_SZ"
@set mmos=0
@set xpos=0
@set dsulsap=0
@set vistaos=0
@set vista1=0
@set vista2=0
@set vista3=0
@set vista4=0
@set strouv=trouvé !
@set tentsup=...suppression...
@set supdos=Suppression
@set ssupp=supprimé !
@set errsup=!!ERREUR SUPPRESSION!!
@set absent=absent !
@set patient=Veuillez patienter
@set rechter=Recherche terminee
@set rechin=Recherche dans
@set reche=Recherche
@set dossier=dossiers
@set fichier=fichiers
@set dans=dans
@set cop=Copie
@set dupli=réalisée avec succès !
@set sver=version 3.7.1
@set smiseajour=02.01.2009 à 19h00
@set modnormal=executé en mode normal
@set modechec=executé en mode sans échec
@set langue=fra
@set rapp=Rapport réalisé le
@set echec=Echec
@set dossback=vers dossier Backupnavi
@set non=non
@goto controlversion

:vareng
@set valeur=reg query "HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer" /v Version
@set version=findstr /I /L /C:"REG_SZ"
@set mmos=0
@set xpos=0
@set vistaos=0
@set vista1=0
@set vista2=0
@set vista3=0
@set vista4=0
@set strouv=found !
@set tentsup=...deleting...
@set supdos=Deleting
@set ssupp=deleted !
@set errsup=!!DELETING FAILED!!
@set absent=not found !
@set patient=Please wait
@set rechter=Search finished
@set rechin=Search in
@set reche=Search
@set dossier=folders
@set fichier=files
@set dans=in
@set cop=Copy
@set dupli=done !
@set sver=version 3.7.1
@set smiseajour=02.01.2009 at 19h00
@set modnormal=done in normal mode
@set modechec=done in safe mode
@set langue=eng
@set rapp=Scan completed
@set echec=Fail
@set dossback=to Backupnavi folder
@set non=no
@goto controlversion

:controlversion
@ver |find "Windows XP" >nul: 
@if %errorlevel%==1 goto controlversion2
@if %errorlevel%==0 (
@set /a xpos=%xpos%+1
@goto debut
)

:controlversion2
@set OSVersionSwap=%systemroot%	emp\osversionwap.txt
@set OsVersionTxt=%systemroot%	emp\osversion.txt
@ver | findstr "[" > %OSVersionSwap%
@for /f "tokens=2 delims=[" %%i in (%OSVersionSwap%) do echo %%i > %OsVersionTxt%
@for /f "tokens=2 delims=] " %%i in (%OsVersionTxt%) do set osversion=%%i
@if "%osversion%" LSS "6.0" goto controlversion3
@if not "%osversion%" LSS "6.0" (
@set /a vistaos=%vistaos%+1
@CD "%LOCALAPPDATA%\Microsoft" 2>NUL
@IF NOT ERRORLEVEL 1 set /a vista1=%vista1%+1
cd\
@CD "%LOCALAPPDATA%\virtualstore\windows\system32" 2>NUL
@IF NOT ERRORLEVEL 1 set /a vista2=%vista2%+1
cd\
@CD "%LOCALAPPDATA%\virtualstore\Program Files" 2>NUL
@IF NOT ERRORLEVEL 1 set /a vista3=%vista3%+1
cd\
@CD "%LOCALAPPDATA%" 2>NUL
@IF NOT ERRORLEVEL 1 set /a vista4=%vista4%+1
cd\
@goto debut
)

:controlversion3
@ver |find "Windows 2000" >nul: 
@if %errorlevel%==1 goto controlversion4
@if %errorlevel%==0 (
@set /a mmos=%mmos%+1
goto debut
)

:controlversion4
@ver |find "Windows Trust" >nul: 
@if %errorlevel%==1 goto mauvver
@if %errorlevel%==0 (
@set /a xpos=%xpos%+1
@goto debut
)

:mauvver
@cls
@echo.
@if %langue%==fra @echo Cet outil ne fonctionne que sous Windows 2000 / XP ou Vista
@if %langue%==eng @echo This fix runs only with Windows 2000 / XP or Vista 
@echo.
@if %langue%==fra @echo Desinstallez Navilog1 via ajout supp des programmes
@if %langue%==eng @echo Uninstall Navilog1 via add remove programs panel
@echo.
@if %langue%==fra @echo L'outil va être interrompu
@if %langue%==eng @echo Fix will be stopped
@echo.
@pause
@exit

:debut
@cls
@echo %patient%

@if not exist "%chemin%\GetPaths.exe" goto decompression

@if exist "%systemdrive%\GetPaths.bat" del /q "%systemdrive%\GetPaths.bat"
@call "%chemin%\GetPaths.exe"
@call "%systemdrive%\GetPaths.bat"
@if exist "%systemdrive%\GetPaths.bat" del /q "%systemdrive%\GetPaths.bat"

for /f "tokens=1-5 delims=\" %%A in ("%dsculsad2%" ) do (set DOCSET=%%B& set LS=%%D& set APD=%%E& set LSAD=%%D\%%E)

@if exist tempnav.txt del /q tempnav.txt
@echo %startprg2%>tempnav.txt
@for /f "tokens=4 delims=\" %%a in ('@type "tempnav.txt"') do (
@set "MENDM=%%a"
)
@for /f "tokens=5 delims=\" %%a in ('@type "tempnav.txt"') do (
@set PRGS=%%a
)
@set "MENDPRG=%MENDM%\%PRGS%"
@if exist tempnav.txt del /q tempnav.txt

@if %vistaos%==1 (
for /f "tokens=1-5 delims=\" %%A in ("%LocalAppData%") do (set VISTAUSE=%%B& set VISTAA=%%D& set VISTAB=%%E& set VISTALOC=%%D\%%E)
)

if %vistaos%==1 (
for /f "tokens=1-9 delims=\" %%A in ("%startprg2%") do (set VISDEMPRG=%%D\%%E\%%F\%%G\%%H\%%I& set ROAMVISTA=%%D\%%E)
)

if exist "%chemin%esvar.txt" del /q "%chemin%esvar.txt"

if %vistaos%==1 (
echo %VISTAUSE%>>"%chemin%esvar.txt"
echo %VISTAA%>>"%chemin%esvar.txt"
echo %VISTAB%>>"%chemin%esvar.txt"
)
if %vistaos%==0 (
echo %DOCSET%>>"%chemin%esvar.txt"
echo %LS%>>"%chemin%esvar.txt"
echo %APD%>>"%chemin%esvar.txt"
)
if exist "%chemin%esvar.txt" (
FINDSTR /c:"ECHO" "%chemin%esvar.txt"
if not errorlevel 1 goto mauvpat
)
if exist "%chemin%esvar.txt" del /q "%chemin%esvar.txt"

@if %mmos%==0 (
@if exist tmp.txt del tmp.txt
@if exist tmp2.txt del tmp2.txt
@if exist tmp3.txt del tmp3.txt
@chkntfs %systemdrive% | find /V "%systemdrive%">tmp.txt
@type tmp.txt | find /i "NTFS">tmp2.txt
@for /f "tokens=* delims=" %%a in (tmp2.txt) do echo %%a>tmp3.txt
@if exist tmp3.txt set Typdisk=NTFS
@if exist tmp3.txt del tmp3.txt
@type tmp.txt | find /i "FAT32">tmp2.txt
@for /f "tokens=* delims=" %%a in (tmp2.txt) do echo %%a>tmp3.txt
@if exist tmp3.txt set Typdisk=FAT32
@if exist tmp.txt del tmp.txt
@if exist tmp2.txt del tmp2.txt
@if exist tmp3.txt del tmp3.txt
)

goto lancement

:lancement

if exist "%chemin%\Folders1.txt" del /q "%chemin%\Folders1.txt"
if exist "%chemin%\Folders2.txt" del /q "%chemin%\Folders2.txt"

@if exist "%chemin%\suppauto.txt" @goto startclean
@if exist "%chemin%\pasblbeta.txt" @goto startclean
@if exist "%chemin%\suppmanu.txt" @goto startclean

@echo off
@cls
@if %langue%==fra (
@echo !!! Avertissement !!!
@echo.
@echo Cet outil a ete concu pour traiter un certain type d'infection bien precis
@echo.
@echo Ne l'utilisez que lorsqu'une personne competente vous l'aura demande
@echo et suivez scrupuleusement ses instructions.
@echo.
@echo Tout usage par votre propre initiative ou modification du batch
@echo engagera votre entiere responsabilite.
@echo.
@pause
@cls
@echo.
@echo Cet outil a ete teste plusieurs fois sur un PC volontairement infecte.
@echo Aucune defaillance n'a ete constatee apres utilisation de cet outil sur le PC
@echo Toute infection, quelle qu'elle soit, une fois installee peut causer des dommages sur votre ordinateur.
@echo La desinfection, quelle qu'elle soit, peut dans certains cas entrainer des anomalies de fonctionnement.
@echo Nous ne pourrions etre tenus comme responsables de toute defaillance ulterieure apres application de cet outil.
@echo.
@echo Remerciements a Metallica, gmer, S!ri, Bobby Flekman
@echo Remerciements a Malware analysis and Diagnostic
@echo Remerciements a A.Rothstein, bobette marlow, Eric_71 et synthexe
@echo.
@pause
@goto decompression
)
if %langue%==eng (
@echo                   !!! Warning !!!
@echo.
@echo   This fix was developed to detect and remove a specific adware.
@echo.
@echo Do not use this program unless instructed by an authorized
@echo helper, and follow the instructions as given by the Helper.
@echo.
@echo               Use it at your own risk.
@echo.
@pause
@cls
@echo.
@echo This fix has been tested on several computers infected with this 
@echo adware. No problems had been detected after the use of the fix.
@echo.
@echo Viral infections can cause damage on your computer
@echo Cleaning the malware, however, can sometimes cause issues in 
@echo your computer. We cannot be responsible for these issues.
@echo.
@echo Thanks to Metallica, gmer, S!ri, Bobby Flekman
@echo Thanks to Malware analysis and Diagnostic
@echo Thanks to A.Rothstein, bobette marlow and synthexe
@echo.
@pause
@goto decompression
)

:decompression
@cls
@if %langue%==fra @echo Verification installation/emplacement fichiers navilog1
@if %langue%==eng @echo Checking if the installation of navilog1 was done correctly.
@echo.
@echo %patient%
REM @if not exist "%chemin%\process.exe" (
REM @if %langue%==fra @echo Fichier process.exe %absent%
REM @if %langue%==eng @echo File process.exe %absent%
REM @if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
REM @if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
REM @echo.
REM @if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
REM @if %langue%==eng @echo If persisting trouble, report this problem to the Helper
REM @echo.
REM @pause
REM @goto exit
REM )
@if not exist "%chemin%\catchme.exe" (
@if %langue%==fra @echo Fichier catchme.exe %absent%
@if %langue%==eng @echo File catchme.exe %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Navreb.bat" (
@if %langue%==fra @echo Fichier Navreb.bat %absent%
@if %langue%==eng @echo File Navreb.bat %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%egnavi.reg" (
@if %langue%==fra @echo Fichier regnavi.reg %absent%
@if %langue%==eng @echo File regnavi.reg %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Filess.bat" (
@if %langue%==fra @echo Fichier Filess.bat %absent%
@if %langue%==eng @echo File Filess.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Folders.bat" (
@if %langue%==fra @echo Fichier Folders.bat %absent%
@if %langue%==eng @echo File Folders.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Folderss.bat" (
@if %langue%==fra @echo Fichier Folderss.bat %absent%
@if %langue%==eng @echo File Folderss.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Gnc2.bat" (
@if %langue%==fra @echo Fichier Gnc2.bat %absent%
@if %langue%==eng @echo File Gnc2.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Gnc2su.bat" (
@if %langue%==fra @echo Fichier Gnc2su.bat %absent%
@if %langue%==eng @echo File Gnc2su.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Gncs.bat" (
@if %langue%==fra @echo Fichier Gncs.bat %absent%
@if %langue%==eng @echo File Gncs.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Gncssfil.bat" (
@if %langue%==fra @echo Fichier Gncssfil.bat %absent%
@if %langue%==eng @echo File Gncssfil.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Heurs.bat" (
@if %langue%==fra @echo Fichier Heurs.bat %absent%
@if %langue%==eng @echo File Heurs.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Orphus.bat" (
@if %langue%==fra @echo Fichier Orphus.bat %absent%
@if %langue%==eng @echo File Orphus.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Heurss.bat" (
@if %langue%==fra @echo Fichier Heurss.bat %absent%
@if %langue%==eng @echo File Heurss.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\Contents\Wlist.bat" (
@if %langue%==fra @echo Fichier Wlist.bat %absent%
@if %langue%==eng @echo File Wlist.bat %absent%
@if %langue%==fra @echo Desinstallez Navilog1 puis reinstallez Navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%	raite.bat" (
@if %langue%==fra @echo Fichier traite.bat %absent%
@if %langue%==eng @echo File traite.bat %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%	raite2.bat" (
@if %langue%==fra @echo Fichier traite2.bat %absent%
@if %langue%==eng @echo File traite2.bat %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%	raite3.bat" (
@if %langue%==fra @echo Fichier traite3.bat %absent%
@if %langue%==eng @echo File traite3.bat %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%
avilog1.bat" (
@if %langue%==fra @echo Fichier navilog1.bat %absent%
@if %langue%==eng @echo File navilog1.bat %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\gnc.exe" (
@if %langue%==fra @echo Fichier gnc.exe %absent%
@if %langue%==eng @echo File gnc.exe %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\GetPaths.exe" (
@if %langue%==fra @echo Fichier GetPaths.exe %absent%
@if %langue%==eng @echo File GetPaths.exe %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%eg.exe" (
@if %langue%==fra @echo Fichier reg.exe %absent%
@if %langue%==eng @echo File reg.exe %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\oem2ansi.exe" (
@if %langue%==fra @echo Fichier oem2ansi.exe %absent%
@if %langue%==eng @echo File oem2ansi.exe %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
@if not exist "%chemin%\OsV.exe" (
@if %langue%==fra @echo Fichier OsV.exe %absent%
@if %langue%==eng @echo File OsV.exe %absent%
@if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
@if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
@echo.
@if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
@if %langue%==eng @echo If persisting trouble, report this problem to the Helper
@echo.
@pause
@goto exit
)
REM @if %mmos%==1 (
REM @if not exist "%chemin%eboot.exe" (
REM @if %langue%==fra @echo Fichier reboot.exe %absent%
REM @if %langue%==eng @echo File reboot.exe %absent%
REM @if %langue%==fra @echo Desinstallez navilog1 puis reinstallez navilog1
REM @if %langue%==eng @echo Uninstall Navilog1 then re-install navilog1
REM @echo.
REM @if %langue%==fra @echo Si le probleme persiste transmettez ce probleme au Helper 
REM @if %langue%==eng @echo If persisting trouble, report this problem to the Helper
REM @echo.
REM @pause
REM @goto exit
REM )
REM )
@echo.
@if %langue%==fra @echo Vous avez correctement installe navilog1 !
@if %langue%==eng @echo You've correctly installed navilog1 !
@echo.
@pause
@goto menu

:menu
@echo off
@if exist "%SystemDrive%\unpffc0?.txt" @del /q "%SystemDrive%\unpffc0?.txt"
@if exist "%chemin%egnavi1.reg" @del /q "%chemin%egnavi1.reg"

@cls

@if %manutxt%==1 goto nett0

@if %langue%==fra goto menufr
@if %langue%==eng goto menuen

:menufr
echo.
echo ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»
echo º             Fix Navipromo %sver%           º
echo º             (Uniquement 2000 / XP et Vista)       º
echo º                                                   º
echo º 1 - Recherche  1
                                   º
echo º                                                   º
echo º 2 - Desinfection automatique                      º
echo º                                                   º
echo º 3 - Desinfection automatique                      º
echo º     sans prise en charge resultats Catchme/GNS    º
echo º                                                   º
echo º 4 - Desinfection manuelle par saisie nom adware   º
echo º                                                   º 
echo º Q - Quitter                                       º
echo º                                                   º
echo ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼
echo.
set /p choix=Votre choix 1,2,3,4,Q puis validez : 
@if %choix%==1 goto list1
@if %choix%==2 goto nett0
@if %choix%==3 goto nett0
@if %choix%==4 goto nett0
@if %choix%==Q goto :eof
@if %choix%==q goto :eof
@echo %choix% Erreur saisie dans le choix ! 
@goto menu

:menuen

echo.
echo ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»
echo º             Fix Navipromo %sver%           º
echo º             (Only for Windows 2000 / XP or Vista) º
echo º                                                   º
echo º 1 - Search                                        º
echo º                                                   º
echo º 2 - Automatic cleaning                            º
echo º                                                   º
echo º 3 - Automatic cleaning                            º
echo º     without results from Catchme/GNS scan         º
echo º                                                   º
echo º 4 - Manual removal by typing the adware name      º
echo º                                                   º 
echo º Q - Exit                                          º
echo º                                                   º
echo ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼
echo.
set /p choix=Type your choice 1,2,3,4,Q and then press enter: 
@if %choix%==1 goto list1
@if %choix%==2 goto nett0
@if %choix%==3 goto nett0
@if %choix%==4 goto nett0
@if %choix%==Q goto :eof
@if %choix%==q goto :eof
@echo %choix% Error on choice ! 
@goto menu

:list1

@cls
@if exist "%chemin%\pbright.txt" @del /q "%chemin%\pbright.txt"
@if exist "%chemin%\suppauto.txt" @del /q "%chemin%\suppauto.txt"
@if exist "%chemin%\pasblbeta.txt" @del /q "%chemin%\pasblbeta.txt"
@if exist "%chemin%\suppmanu.txt" @del /q "%chemin%\suppmanu.txt"
@if exist "%chemin%\adwaremanu.txt" del /q "%chemin%\adwaremanu.txt"
@if exist "%chemin%\French.txt" @del /q "%chemin%\French.txt"
@if exist "%chemin%\English.txt" @del /q "%chemin%\English.txt"
@if exist "%chemin%\gnc1t.txt" del /q "%chemin%\gnc1t.txt"
@if exist "%chemin%\gncsuspt.txt" del /q "%chemin%\gncsuspt.txt"
@if exist "%chemin%echerok.txt" del /q "%chemin%echerok.txt"
@if exist "%chemin%egnavi1.reg" del /q "%chemin%egnavi1.reg"
@if exist "%chemin%\horfile.txt" del /q "%chemin%\horfile.txt"

if exist "%SystemDrive%\fixnavi.txt" del /q "%SystemDrive%\fixnavi.txt"

cd "%chemin%\Report" 2>NUL
if %errorlevel%==0 cd\
if %errorlevel%==1 md "%chemin%\Report"

@if %mmos%==1 (
@if not exist "%windir%\system32eg.exe" @copy "%chemin%eg.exe" "%windir%\system32" >NUL
)

@echo off
@echo.
@if %langue%==fra @echo Creation de la liste des programmes installes
@if %langue%==eng @echo Creating  a list of installed Software
@echo.
@echo %patient%
@echo.

(
@for /f "tokens=7 delims=\" %%a in ('@reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"') do (
@reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\%%a" /v DisplayName 2>NUL>>%SystemDrive%\unpffc01.txt)
@for /f "tokens=3* delims=	" %%a in (%SystemDrive%\unpffc01.txt) do (
@echo %%a>>%SystemDrive%\unpffc02.txt)
@sort "%SystemDrive%\unpffc02.txt">"%SystemDrive%\unpffc03.txt"
if exist "%SystemDrive%\unpffc02.txt" del /q "%SystemDrive%\unpffc02.txt"
if exist "%SystemDrive%\unpffc01.txt" del /q "%SystemDrive%\unpffc01.txt"
)

@echo off
:list2
@if %langue%==fra (
@echo Search Navipromo %sver% commencé le %date% à %time%>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!>>%SystemDrive%\fixnavi.txt
@echo !!! Postez ce rapport sur le forum pour le faire analyser !!!>>%SystemDrive%\fixnavi.txt
@echo !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo Outil exécuté depuis %chemin%>>%SystemDrive%\fixnavi.txt
REM @echo Session actuelle : "%username%" | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo Mise à jour le %smiseajour% par IL-MAFIOSO>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
REM @if not %vistaos%==1 (
REM @ver>>%SystemDrive%\fixnavi.txt
REM )
REM @if %vistaos%==1 (
REM @echo Microsoft Windows Vista %osversion% >>%SystemDrive%\fixnavi.txt
REM )
REM @for /f "tokens=1,2,3" %%a in ('%valeur%^|%version%') do @echo Internet Explorer : %%c >>%SystemDrive%\fixnavi.txt
REM @if %mmos%==0 (
REM @echo Système de fichiers : %Typdisk%>>%SystemDrive%\fixnavi.txt
REM )
if exist "%chemin%\OsV.exe" (
call "%chemin%\OsV.exe">>%SystemDrive%\fixnavi.txt
)
@echo.>>%SystemDrive%\fixnavi.txt
@if not defined safeboot_option @echo Recherche %modnormal%>>%SystemDrive%\fixnavi.txt
@if defined safeboot_option @echo Recherche %modechec%>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo Search Navipromo %sver% commence le %date% a %time%
@echo. 
@echo !!! Attention,ce rapport peut indiquer des fichiers/programmes legitimes !!!
@echo !!! Postez ce rapport sur le forum pour le faire analyser !!!
@echo !!! Ne lancez pas la partie desinfection sans l'avis d'un specialiste !!!
@echo.
@echo.
if %mmos%==0 (
@echo *** Recherche Programmes installés ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
)
)

@if %langue%==eng (
@echo Search Navipromo %sver% began on %date% at %time%>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo !!! Warning, this report may include legitimate files/programs !!!>>%SystemDrive%\fixnavi.txt
@echo !!! Post this report on the forum you are being helped !!!>>%SystemDrive%\fixnavi.txt
@echo !!! Don't continue with removal unless instructed by an authorized helper !!!>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo Fix running from %chemin%>>%SystemDrive%\fixnavi.txt
REM @echo Actual User Account : "%username%" | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo Updated on %smiseajour% by IL-MAFIOSO>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
REM @if not %vistaos%==1 (
REM @ver>>%SystemDrive%\fixnavi.txt
REM )
REM @if %vistaos%==1 (
REM @echo Microsoft Windows Vista %osversion% >>%SystemDrive%\fixnavi.txt
REM )
REM @for /f "tokens=1,2,3" %%a in ('%valeur%^|%version%') do @echo Version Internet Explorer : %%c>>%SystemDrive%\fixnavi.txt
REM @if %mmos%==0 (
REM @echo Filesystem type : %Typdisk%>>%SystemDrive%\fixnavi.txt
REM )
if exist "%chemin%\OsV.exe" (
call "%chemin%\OsV.exe">>fixnavi.txt
)
@echo.>>%SystemDrive%\fixnavi.txt
@if not defined safeboot_option @echo Search %modnormal%>>%SystemDrive%\fixnavi.txt
@if defined safeboot_option @echo Search %modechec%>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo Search for Navipromo %sver% started on %date% at %time%
@echo. 
@echo !!! Warning, this report may include legitimate files/programs !!!
@echo !!! Post this report at the forum you are being helped !!!
@echo !!! Don't continue with removal unless instructed by an authorized helper !!!
@echo.
@echo.
if %mmos%==0 (
@echo *** Searching for installed Software ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
)
)
:suite6

if %mmos%==1 (
@if exist "%SystemDrive%\unpffc0?.txt" @del /q "%SystemDrive%\unpffc0?.txt"
goto suite7
)

@echo.
@echo.
@if %langue%==fra @echo *** Recherche programmes installes *** 
@if %langue%==eng @echo *** Searching for installed software *** 
@echo.
@echo %patient%
@echo.

if exist "%SystemDrive%\unpffc03.txt" (
type "%SystemDrive%\unpffc03.txt" | find /i /V "Windows Live">>"%SystemDrive%\unpffc04.txt"
)
if exist "%SystemDrive%\unpffc04.txt" (
type "%SystemDrive%\unpffc04.txt" | find /i /V "Sound">>"%SystemDrive%\unpffc05.txt"
)
if exist "%SystemDrive%\unpffc05.txt" (
type "%SystemDrive%\unpffc05.txt" | find /i /V "Blaster">>"%SystemDrive%\unpffc06.txt"
)
if exist "%SystemDrive%\unpffc06.txt" (
type "%SystemDrive%\unpffc06.txt" | find /i /V "Creative">>"%SystemDrive%\unpffc07.txt"
)
if exist "%SystemDrive%\unpffc07.txt" (
type "%SystemDrive%\unpffc07.txt" | find /i /V "Oregon">>"%SystemDrive%\unpffc08.txt"
)

if exist "%SystemDrive%\unpffc08.txt" (
@FINDSTR /c:"Favorit" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"go-astro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"go-Astro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Go-astro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Go-Astro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"GoAstro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"goastro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Goastro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"goAstro" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"GoRecord" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"HotTVPlayer" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"HotTvPlayer" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Instant Access" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Instant access" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"instant Access" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"instant access" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"InternetGameBox" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Live-Player" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"MailSkinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Mailskinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"mailskinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"mailSkinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"MessengerSkinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Messengerskinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"messengerskinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"messengerSkinner" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"SudoPlanet" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"WebMediaPlayer" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Web-Mediaplayer" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Web-mediaplayer" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"web-mediaplayer" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@FINDSTR /c:"Web-Mediaplayer" "%SystemDrive%\unpffc08.txt">>%SystemDrive%\fixnavi.txt
@echo.
@echo %rechter%
@echo.
)

@if exist "%SystemDrive%\unpffc0?.txt" @del /q "%SystemDrive%\unpffc0?.txt"

@goto suite7

:suite7

@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%WINDIR%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt

@echo.
@echo *** %reche% %dossier% %dans% "%WINDIR%" ***
@echo.
@echo %patient%
@echo.
pushd %WINDIR%

IF EXIST "mc" echo %WINDIR%\mc %strouv%>>%SystemDrive%\fixnavi.txt
IF EXIST "mslagent" echo %WINDIR%\mslagent %strouv%>>%SystemDrive%\fixnavi.txt
IF EXIST "msskinner" echo %WINDIR%\msskinner %strouv%>>%SystemDrive%\fixnavi.txt
IF EXIST "navmpc" echo %WINDIR%
avmpc %strouv%>>%SystemDrive%\fixnavi.txt
IF EXIST "simcss" echo %WINDIR%\simcss %strouv%>>%SystemDrive%\fixnavi.txt
IF EXIST "wincomp" echo %WINDIR%\wincomp %strouv%>>%SystemDrive%\fixnavi.txt
IF EXIST "winmgts" echo %WINDIR%\winmgts %strouv%>>%SystemDrive%\fixnavi.txt
IF EXIST "wintrim" echo %WINDIR%\wintrim %strouv%>>%SystemDrive%\fixnavi.txt

popd
@echo %rechter%
@echo.
@goto suite8

:suite8
@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%PROGRAMFILES%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt

@echo.
@echo *** %reche% %dossier% %dans% "%PROGRAMFILES%" *** 
@echo.
@echo %patient%
@echo.
pushd "%PROGRAMFILES%"
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.

@echo.>>%SystemDrive%\fixnavi.txt

if %vistaos%==1 (
pushd "%austartprg2%"
@echo *** %reche% %dossier% %dans% "%austartprg2%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%austartprg2%" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.
@echo.>>%SystemDrive%\fixnavi.txt
)

if %vistaos%==0 (
pushd "%ALLUSERSPROFILE%\%MENDPRG%"
@echo *** %reche% %dossier% %dans% "%ALLUSERSPROFILE%\%MENDPRG%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%ALLUSERSPROFILE%\%MENDPRG%" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.
@echo.>>%SystemDrive%\fixnavi.txt
)

if %vistaos%==1 (
pushd "%austartm2%"
@echo *** %reche% %dossier% %dans% "%austartm2%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%austartm2%" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.
)

if %vistaos%==0 (
pushd "%ALLUSERSPROFILE%\%MENDM%"
@echo *** %reche% %dossier% %dans% "%ALLUSERSPROFILE%\%MENDM%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%ALLUSERSPROFILE%\%MENDM%" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.
)

@goto suite8vista

:suite8vista
@if not %vistaos%==1 @goto suite8a
@pushd "%ProgramData%"
@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%ProgramData%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%ProgramData%" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.
@goto suite8vistab

:suite8vistab
@if not %vistaos%==1 @goto suite8a
pushd "%startprg2%" 2>NUL
@IF NOT ERRORLEVEL 1 (
@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%startprg2%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%startprg2%" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
)

if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

pushd "%systemdrive%\%VISTAUSE%" 2>NUL

for /f "tokens=*" %%G in ('dir /b /a:d  ^| find /v "All Users" ^| find /v "Default User" ^| find /v "Default" ^| find /v "Public" ^| find /v "%username%"') do echo %%~fsG>>"%temp%\session1.txt"

popd

if exist "%temp%\session1.txt" (
for /f "delims=" %%G in ('type "%temp%\session1.txt"') do (
pushd "%%G"
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session2.txt"
popd
)
)
)

if exist "%temp%\session2.txt" (
for /f "delims=" %%G in ('type "%temp%\session2.txt"') do (
pushd "%%G\%VISDEMPRG" 2>NUL
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session3.txt"
popd
)
)
)

if exist "%temp%\session3.txt" (
for /f "delims=" %%G in ('type "%temp%\session3.txt"') do (

pushd "%%G\%VISDEMPRG%" 2>NUL

@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%%G\%VISDEMPRG%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%%G\%VISDEMPRG%" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
echo %rechter%
@echo.
popd
)
)

if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

@goto suite8vistad

:suite8vistad
@if not %vistaos%==1 @goto suite8a
@if not %vista3%==1 @goto suite8a
@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%LOCALAPPDATA%\virtualstore\Program Files" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%LOCALAPPDATA%\virtualstore\Program Files" *** 
@echo.
@echo %patient%
@echo.
pushd "%LOCALAPPDATA%\virtualstore\Program Files"
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.

if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

pushd "%systemdrive%\%VISTAUSE%" 2>NUL

for /f "tokens=*" %%G in ('dir /b /a:d  ^| find /v "All Users" ^| find /v "Default User" ^| find /v "Default" ^| find /v "Public" ^| find /v "%username%"') do echo %%~fsG>>"%temp%\session1.txt"

popd

if exist "%temp%\session1.txt" (
for /f "delims=" %%G in ('type "%temp%\session1.txt"') do (
pushd "%%G"
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session2.txt"
popd
)
)
)

if exist "%temp%\session2.txt" (
for /f "delims=" %%G in ('type "%temp%\session2.txt"') do (
pushd "%%G\%VISTALOC%\virtualstore\Program Files" 2>NUL
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session3.txt"
popd
)
)
)

if exist "%temp%\session3.txt" (
for /f "delims=" %%G in ('type "%temp%\session3.txt"') do (

pushd "%%G\%VISTALOC%\virtualstore\Program Files" 2>NUL

@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%%G\%VISTALOC%\virtualstore\Program Files" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%%G\%VISTALOC%\virtualstore\Program Files" *** 
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.
)
)

if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

@echo.>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt

pushd "%LOCALAPPDATA%"
@echo *** %reche% %dossier% %dans% "%LOCALAPPDATA%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%LOCALAPPDATA%" ***
@echo.
@echo %patient%
@echo.
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.
@echo.>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt

if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

pushd "%systemdrive%\%VISTAUSE%" 2>NUL

for /f "tokens=*" %%G in ('dir /b /a:d  ^| find /v "All Users" ^| find /v "Default User" ^| find /v "Default" ^| find /v "Public" ^| find /v "%username%"') do echo %%~fsG>>"%temp%\session1.txt"

popd

if exist "%temp%\session1.txt" (
for /f "delims=" %%G in ('type "%temp%\session1.txt"') do (
pushd "%%G"
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session2.txt"
popd
)
)
)

if exist "%temp%\session2.txt" (
for /f "delims=" %%G in ('type "%temp%\session2.txt"') do (
pushd "%%G\%VISTALOC%" 2>NUL
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session3.txt"
popd
)
)
)

if exist "%temp%\session3.txt" (
for /f "delims=" %%G in ('type "%temp%\session3.txt"') do (
pushd "%%G\%VISTALOC%" 2>NUL
echo *** %reche% %dossier% %dans% "%%G\%VISTALOC%" *** | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
echo.>>%SystemDrive%\fixnavi.txt
call "%chemin%\Contents\Folders.bat"
popd
@echo %rechter%
@echo.
@echo.>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
)
)
if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

@goto suite8a

:suite8a
@if %vistaos%==1 @goto suite8b

@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%auppdata2%" ***>>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%auppdata2%" ***
@echo.
@echo %patient%
@echo.
pushd "%auppdata2%"
call "%chemin%\Contents\Folders.bat"
popd
@echo. %rechter%
@echo.
@echo.>>%SystemDrive%\fixnavi.txt

@echo *** %reche% %dossier% %dans% "%USERPROFILE%\%APD%" *** | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%USERPROFILE%\%APD%" ***
@echo.
@echo %patient%
@echo.
pushd "%USERPROFILE%"
pushd "%APD%"
call "%chemin%\Contents\Folders.bat"
popd
popd
echo %rechter%
if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

pushd "%systemdrive%\%DOCSET%" 2>NUL

for /f "tokens=*" %%G in ('dir /b /a:d  ^| find /v "All Users" ^| find /v "Default User" ^| find /v "NetworkService" ^| find /v "LocalService" ^| find /v "%username%"') do echo %%~fsG>>"%temp%\session1.txt"

popd

if exist "%temp%\session1.txt" (
for /f "delims=" %%G in ('type "%temp%\session1.txt"') do (
pushd "%%G"
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session2.txt"
popd
)
)
)

if exist "%temp%\session2.txt" (
for /f "delims=" %%G in ('type "%temp%\session2.txt"') do (
pushd "%%G\%APD%" 2>NUL
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session3.txt"
popd
)
)
)

if exist "%temp%\session3.txt" (
for /f "delims=" %%G in ('type "%temp%\session3.txt"') do (
pushd "%%G\%APD%" 2>NUL
echo.>>%SystemDrive%\fixnavi.txt
echo *** %reche% %dossier% %dans% "%%G\%APD%" *** | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
echo.>>%SystemDrive%\fixnavi.txt
echo.
echo *** %reche% %dossier% %dans% "%%G\%APD%" ***
echo.
echo %patient%
echo.
call "%chemin%\Contents\Folders.bat"
popd
echo %rechter%
echo.
)
)
if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"


@echo.
@echo.>>%SystemDrive%\fixnavi.txt

@echo *** %reche% %dossier% %dans% "%USERPROFILE%\%LSAD%" *** | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%USERPROFILE%\%LSAD%" *** | "%chemin%\oem2ansi.exe"
@echo.
@echo %patient%
@echo.

pushd "%USERPROFILE%"
pushd "%LSAD%"
call "%chemin%\Contents\Folders.bat"
echo %rechter%
echo.
popd
popd

if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

pushd "%systemdrive%\%DOCSET%" 2>NUL

for /f "tokens=*" %%G in ('dir /b /a:d  ^| find /v "All Users" ^| find /v "Default User" ^| find /v "NetworkService" ^| find /v "LocalService" ^| find /v "%username%"') do echo %%~fsG>>"%temp%\session1.txt"

popd

if exist "%temp%\session1.txt" (
for /f "delims=" %%G in ('type "%temp%\session1.txt"') do (
pushd "%%G"
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session2.txt"
popd
)
)
)

if exist "%temp%\session2.txt" (
for /f "delims=" %%G in ('type "%temp%\session2.txt"') do (
pushd "%%G\%LSAD%" 2>NUL
if NOT ERRORLEVEL 1 (
echo %%G>>"%temp%\session3.txt"
popd
)
)
)

if exist "%temp%\session3.txt" (
for /f "delims=" %%G in ('type "%temp%\session3.txt"') do (
pushd "%%G\%LSAD%" 2>NUL
echo.>>%SystemDrive%\fixnavi.txt
echo *** %reche% %dossier% %dans% "%%G\%LSAD%" *** | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
echo.>>%SystemDrive%\fixnavi.txt
echo.
echo *** %reche% %dossier% %dans% "%%G\%LSAD%" ***
echo.
echo %patient%
echo.
call "%chemin%\Contents\Folders.bat"
popd
echo %rechter%
echo.
)
)
if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

@echo.>>%SystemDrive%\fixnavi.txt
@echo *** %reche% %dossier% %dans% "%USERPROFILE%\%MENDPRG%" *** | "%chemin%\oem2ansi.exe">>%SystemDrive%\fixnavi.txt
@echo.>>%SystemDrive%\fixnavi.txt
@echo.
@echo *** %reche% %dossier% %dans% "%USERPROFILE%\%MENDPRG%" *** | "%chemin%\oem2ansi.exe"
@echo.
@echo %patient%
@echo.

pushd "%USERPROFILE%"
pushd "%MENDPRG%"
call "%chemin%\Contents\Folders.bat"
echo %rechter%
echo.
popd
popd

if exist "%temp%\session1.txt" del /q "%temp%\session1.txt"
if exist "%temp%\session2.txt" del /q "%temp%\session2.txt"
if exist "%temp%\session3.txt" del /q "%temp%\session3.txt"

pushd "%systemdrive%\%DOCSET%" 2>NUL

fo

plopus · Answer

tes rapport sont illisibles

telecharge insatlle et met a jour malwarebyte et fait un scan complets
http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebytes anti malware
supprime toutes les infections trouvées et poste le rapport

puis telecharge hijacthis
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html
choisit "do a scan and save the log" et poste le rapport

plopus · Answer

as tu supprimer les infections avec malware byte? va voire dans la quarantaine et supprime tout et si tu les trouve pas refait un scan RAPIDE avec malware byte c'est moins de 15min et poste le rapport.

je regarde ton hijacthis pour la suite

plopus · Answer

pour suivre telecharge et installe AD REMOVER

http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe

choisit ta langue fait option 1 et poste le rapport

junon16 · Answer

rebonjour,
non je ne les avais pas suprimer ai refait scan 1 suprimer tout de suite pour les 5 autres j'ai redemare mon systeme et je les ai trouve dans quarantaine et suprime
voici les deux rapport
@REM       +-----------------------------------------------------------------------------+
@REM       |                                                                             |
@REM       |  AD-Remover  1.0.8.5 by C_XX                                                |
@REM       |                                                                             |
@REM       |  Cmdow.exe   by Commandline           - http://www.commandline.co.uk/cmdow/ |
@REM       |  nircmd.exe  by NirSoft               - http://www.nirsoft.net/             |
@REM       |  Process.exe by Craig Peacock         - https://www.beyondlogic.org/             |
@REM       |  procs.exe   by ... ?                 - https://diamondcs.com.au/            |
@REM       |  sc.exe      by Microsoft Corporation - https://www.microsoft.com/fr-fr/           |
@REM       |  swreg.exe   by SteelWerX             - https://fstaal01.home.xs4all.nl/     |
@REM       |  timer.exe   by Gammadyne Corporation - https://www.gammadyne.com/default.htm               |
@REM       |  find.exe    by Microsoft Corporation - https://www.microsoft.com/fr-fr/           |
@REM       |  findstr.exe by Microsoft Corporation - https://www.microsoft.com/fr-fr/           |
@REM       |                                                                             |
@REM       +-----------------------------------------------------------------------------+
@ECHO OFF
mode con: cols=75 lines=10&color 3F&echo.&echo  Veuillez patienter...

CHCP 850>NUL 2>&1

:: #######################################################################################

for %%A in (
   Cmdow.exe delete.cmd found.cmd find.exe findstr.exe isadmin.exe Nircmd.exe Process.exe Procs.exe set_d.bat sc.exe swreg.exe TIMER.exe
   1 1\AdL 1\AdLB 1\AdLC 1\AdLF 1\AdLP 1\AdLV 1\AdLX 1\List
   2 2\AdL 2\AdLB 2\AdLC 2\AdLF 2\AdLP 2\AdLV 2\AdLX 2\List
   3 3\AdL 3\AdLB 3\AdLC 3\AdLF 3\AdLP 3\AdLV 3\AdLX 3\List
   4 4\AdL 4\AdLB 4\AdLC 4\AdLF 4\AdLP 4\AdLV 4\AdLX 4\List
   5 5\AdL 5\AdLB 5\AdLC 5\AdLF 5\AdLP 5\AdLV 5\AdLX 5\List
   6 6\AdL 6\AdLB 6\AdLC 6\AdLF 6\AdLP 6\AdLV 6\AdLX 6\List
   ) do if not exist TOOLS\%%A (
      mode con: cols=75 lines=26 &color C0
      echo.&echo.&echo.&echo.&echo.&echo.&echo.&echo.&echo.&echo.&echo.
      echo                      ERREUR - "%%A" est manquant !
      echo.&echo              Appuyez sur n'importe quelle touche pour quitter
      pause>NUL
      goto :eof)

IF NOT EXIST "%systemroot%\system32\find.exe" (copy /Y "%location%\TOOLS\find.exe" "%systemroot%\system32\find.exe">NUL 2>&1)
IF NOT EXIST "%systemroot%\system32\findstr.exe" (copy /Y "%location%\TOOLS\findstr.exe" "%systemroot%\system32\findstr.exe">NUL 2>&1)
IF NOT EXIST "%systemroot%\system32\sc.exe" (copy /Y "%location%\TOOLS\sc.exe" "%systemroot%\system32\sc.exe">NUL 2>&1)

if not defined safeboot_option set bootmode=Normal
if defined safeboot_option set bootmode=MSE
if not defined SystemRoot set SystemRoot=%systemdrive%\WINDOWS
if not defined Windir set Windir=%systemdrive%\WINDOWS

for /f "tokens=*" %%A in ('cd') do set location=%%A

Ver|FIND /i "5.1.2600">NUL&IF NOT ERRORLEVEL 1 set /A SE_=0
Ver|FIND /i "6.0.6000">NUL&IF NOT ERRORLEVEL 1 set /A SE_=1
Ver|FIND /i "6.0.6001">NUL&IF NOT ERRORLEVEL 1 set /A SE_=2

if %SE_%==0 (
   REG query "HKLM\Software\Microsoft\Windows NT\CurrentVersion" /v "CSDVersion">Os_sp
   if exist Os_sp (
      (type Os_sp|FIND /i "Service pack 1"&if not errorlevel 1 (del /q Os_sp&set OS_sp=SP1&goto Ct_))>NUL
      (type Os_sp|FIND /i "Service pack 2"&if not errorlevel 1 (del /q Os_sp&set OS_sp=SP2&goto Ct_))>NUL
      (type Os_sp|FIND /i "Service pack 3"&if not errorlevel 1 (del /q Os_sp&set OS_sp=SP3&goto Ct_))>NUL
      ))

if not %SE_%==0 (
   (REG query "HKLM\Software\Microsoft\Windows NT\CurrentVersion" /v "CSDVersion"|find /i "Service Pack 1"&if not errorlevel 1 set OS_sp=SP1)>NUL 2>&1
   REG query "HKLM\Software\Microsoft\Windows NT\CurrentVersion" /v "EditionID">Os_version
   if exist Os_version (
      (type Os_version|FIND /i "Business"&if not errorlevel 1 (del /q Os_version&set OS_version=Business&goto Ct_))>NUL
      (type Os_version|FIND /i "Enterprise"&if not errorlevel 1 (del /q Os_version&set OS_version=Enterprise&goto Ct_))>NUL
      (type Os_version|FIND /i "HomeBasic"&if not errorlevel 1 (del /q Os_version&set OS_version=Home Basic&goto Ct_))>NUL
      (type Os_version|FIND /i "HomePremium"&if not errorlevel 1 (del /q Os_version&set OS_version=Home Premium&goto Ct_))>NUL
      (type Os_version|FIND /i "Enterprise"&if not errorlevel 1 (del /q Os_version&set OS_version=Enterprise&goto Ct_))>NUL
      (type Os_version|FIND /i "Ultimate"&if not errorlevel 1 (del /q Os_version&set OS_version=Ultimate&goto Ct_))>NUL
      ))

:Ct_
If exist Os_version del /q Os_version
If exist Os_sp del /q Os_sp

if %SE_%==0 (set SE=Windows XP&set verw=v5.1.2600&set cookies=%USERPROFILE%\Cookies&set desktop=%USERPROFILE%\Bureau&set data=ADLX)
if %SE_%==1 (set SE=Windows Vista&set verw=v6.0.6000&set cookies=%appdata%\Microsoft\Windows\Cookies&set desktop=%USERPROFILE%\Desktop&set data=ADLV)
if %SE_%==2 (set SE=Windows Vista&set verw=v6.0.6001&set cookies=%appdata%\Microsoft\Windows\Cookies&set desktop=%USERPROFILE%\Desktop&set data=ADLV)

set autor=C_XX
set chemchoix="%systemdrive%\choice.txt"
CALL TOOLS\set_d.bat&if not defined date_ set date_=%date%
set del=DEL A/F/Q
set del1=RMDIR /S/Q
set dpf=%Windir%\Downloaded Program Files
set ie=%programfiles%\Internet explorer
set installer=%Windir%\Installer
set name=AD-Remover
set name2=AD-Remover.bat
set prefetch=%Windir%\Prefetch
set system32=%Windir%\system32
set startprogxp=%ALLUSERSPROFILE%\MENUDM~1\PROGRA~1
set startprogxp2=%USERPROFILE%\MENUDM~1\PROGRA~1
set startupxp=%ALLUSERSPROFILE%\MENUDM~1\PROGRA~1\DMARRA~1
set startupxp2=%USERPROFILE%\MENUDM~1\PROGRA~1\DMARRA~1
set startuprogvista=%PROGRAMDATA%\Microsoft\Windows\STARTM~1\Programs
set temp2=%systemroot%	emp
set ver=1.0.8.5
set wlm=%programfiles%\Windows live\Messenger

If exist "%APPDATA%\Mozilla\Firefox\Profiles" (
   for %%A in (default) do if exist "%APPDATA%\Mozilla\Firefox\Profiles\*%%A*" (
   for /f "tokens=*" %%B in ('dir /b/a "%APPDATA%\Mozilla\Firefox\Profiles\*%%A*"') do (
   pushd "%APPDATA%\Mozilla\Firefox\Profiles"
   if exist "%%B" set FF=%%B
   popd)))

for %%A in (count1 count2 count3 count4 count5 count6 FFcount prefs_count processcount) do set /a %%A=0

echo On Error resume next>>TOOLS\finddisk.vbs
echo Set fso = CreateObject("Scripting.FileSystemObject")>>TOOLS\finddisk.vbs
echo Set drives = fso.CreateTextFile("%temp%\drives.txt", True)>>TOOLS\finddisk.vbs
echo For Each drv in fso.Drives>>TOOLS\finddisk.vbs
echo drives.WriteLine  "- " ^&drv.DriveLetter^&":\" ^& "  (File System: " ^& drv.FileSystem ^& ")">>TOOLS\finddisk.vbs
echo Next>>TOOLS\finddisk.vbs
echo drives.Close : Set fso = Nothing : WScript.Quit(0)>>TOOLS\finddisk.vbs

If exist TOOLS\finddisk.vbs (cscript //Nologo //B TOOLS\finddisk.vbs&del /q TOOLS\finddisk.vbs)

for /f "tokens=* delims= " %%A in ('ver') do set ver1=%%A
for /f "tokens=1,2,3*" %%A in ('reg query "HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer" /v version ^| FIND /I "REG_SZ"') do set VerIE=%%C
for /f "tokens=1,2,3*" %%A in ('reg query "HKEY_LOCAL_MACHINE\Software\Mozilla\Mozilla Firefox" /v CurrentVersion ^| FIND /I "REG_SZ"') do set VerFF=%%C
reg query "HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer" /v version >NUL 2>NUL&if errorlevel 1 set VerIE= ^[Unable to get version^]
reg query "HKEY_LOCAL_MACHINE\Software\Mozilla\Mozilla Firefox" /v CurrentVersion >NUL 2>NUL&if errorlevel 1 set VerFF= ^[Unable to get version^]
(for /f "tokens=5 delims=\" %%A in ('reg query "HKEY_CURRENT_USER\Software\Microsoft\Protected Storage System Provider"') do (set USER=%%A))>NUL 2>&1

IF NOT %SE_%==0 (for /f "tokens=1,2,3 delims= " %%a in ('reg query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA') do (
  if %%c==0x0 (set UAC=UAC is disable)
  if %%c==0x1 (set UAC=UAC is ENABLE)))

set end=Termin‚ ! Le rapport est sauvegard‚ ici:
set run=Choisissez et appuyer sur ENTREE pour continuer
set step0=Arret des processus
set step1=Recherche Boonty^\BoontyGames ..
set step1b=Suppression Boonty^\BoontyGames ..
set step2=Recherche Eorezo ..
set step2b=Suppression Eorezo ..
set step3=Recherche Everest Poker ..
set step3b=Suppression Everest Poker ..
set step4=Recherche FunWebProducts^\MyWay^\MyWebSearch^\MyGlobalSearch ..
set step4b=Suppression FunWebProducts^\MyWay^\MyWebSearch^\MyGlobalSearch ..
set step5=Recherche It's TV ..
set step5b=Suppression It's TV ..
set step6=Recherche Sweetim ..
set step6b=Suppression Sweetim ..
set step7=Scan additionnel ..

TOOLS\isadmin.exe>>"%temp%\chckad.txt"&if exist "%temp%\chckad.txt" (for /f "tokens=*" %%A in ('type "%temp%\chckad.txt"') do set admin=%%A&del /q "%temp%\chckad.txt")

TOOLS\Cmdow.exe Ad-remover /HID&TOOLS\Nircmd BEEP 9900 80&TOOLS\Nircmd BEEP 9900 80&TOOLS\Nircmd BEEP 9900 80
TOOLS
ircmd.exe infobox "Vous utilisez cet outil … vos risques et p‚rils.~n ~nN'importes quelles modifications de cet outil est susceptible d'empˆcher son bon fonctionnement.~nFermez toutes les applications avant de le lancer.~n ~n ~n/!\ Ne lancez ce programme UNIQUEMENT si un helper confirm‚ vous l'a demand‚." "Ad-remover - Avertissement"
TOOLS\Cmdow.exe Ad-remover /VIS 2>NUL

:: #######################################################################################

:start menu
mode con: cols=75 lines=26&color 3F
title AD-Remover %ver% by %autor%&cls&echo.
echo           ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
echo           ³                                                     ³
echo           ³  %name% %ver% by %autor% - %TIME:~0,-9%:%TIME:~3,2%:%TIME:~6,2% ³ %date% ³
echo           ³                                                     ³
echo           ³ ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ ³
echo           ³                           _____                     ³
echo           ³  A. Scan                 (_Hi_!)                    ³
echo           ³  B. Clean                  \^|   (\_/)               ³
echo           ³  C. Uninstal                    (^^.^^)               ³
echo           ³  D. Exit                       (")_(")              ³
echo           ³                                                     ³
echo           ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
echo.&echo.&echo.
set /p choice=   %run% ('A','B','C','D') :
if /i %choice%==A GOTO scan
if /i %choice%==B GOTO begin
if /i %choice%==C GOTO uninstal
if /i %choice%==D GOTO :eof
goto start menu

:uninstal
if exist "%location%\Uninstal.exe" (call "%location%\Uninstal.exe"&goto :eof) else (goto start menu)

:: #######################################################################################

:scan
cls&echo.&echo  Veuillez patientez ...

set option=Scan&set report=%systemdrive%\AD-report-Scan-%DATE:~0,2%.%DATE:~3,2%.%DATE:~6,4%.log

for /f "tokens=*" %%A in ('TOOLS\procs.exe -l ^| findstr /i /v "procs.exe findstr.exe cmd.exe"') do (set /a processcount+=1)

for %%A in (TOOLS	imer.txt %report%) do if exist "%%A" del /q "%%A"

TOOLS\TIMER /nologo

(echo.&echo ------- Logfile of %name% %ver% by %autor% ^| ONLY XP/VISTA -------
echo.&echo # START at: %TIME:~0,-9%:%TIME:~3,2%:%TIME:~6,2% ^| %date_% ^| Microsoft® %SE%™ %OS_version% %OS_sp% ^(%verw%^)
echo # BOOT MODE: %bootmode%
if defined UAC echo ^(!^) - %UAC%
echo # OPTION: %option% ^| EXECUTED FROM: %location%\%name2%
echo # PC: %computername% ^| USER: %username% ^( %admin%^)
echo # DRIVE^(S^): 
if exist "%temp%\drives.txt" type "%temp%\drives.txt"&del /q "%temp%\drives.txt"
echo # Internet Explorer v%verIE%
echo.&echo # RUNNING PROCESSES: %processcount%)>>%report%

:: ####################################################################################### 1

cls&echo.
echo         ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
echo         ³   %name% %ver% by %autor% - %TIME:~0,-9%:%TIME:~3,2%:%TIME:~6,2% ³ %date%   ³
echo         ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
echo.&echo.&echo.&echo.&echo.&echo.&echo.&echo          %step1%&echo.&echo           ^|/&echo     (\_/)&echo     (^^.^^)&echo    (")_(")

(echo.&echo +-----------------------^| Boonty/Boonty Games Elements found :&echo.)>>%report%

for %%A in (Boonty.exe BoontyBox.exe BoontyGames.0001) do (
   TOOLS\procs.exe -l | find /i "%%A"&if not errorlevel 1 (
      for /f "tokens=2 delims=[]" %%B in ('TOOLS\procs.exe -l ^| Find /i "%%A"') do (echo Process: "%%A" ^[PID:~%%B^]>>%report%)))>NUL
echo..>>%report%

for /f "tokens=*" %%A in ('sc query state^= all ^| find "SERVICE_NAME" ^| find /I "Boonty Games"') do (set Bsc_=here)
if defined Bsc_ ((echo Service: "Boonty Games"&echo..)>>%report%&set Bsc_= )

for /F "tokens=*" %%A in ('type TOOLS\1\list') do REG QUERY "%%A">NUL 2>NUL&if not errorlevel 1 echo %%A>>%report%
echo..>>%report%

for %%G in (TOOLS\1\AdL TOOLS\1\AdLF TOOLS\1\%data%) do (for /F "tokens=*" %%A in ('type %%G') do call TOOLS\found.cmd "%%A")

for %%A in (001 002 003) do (
   if exist "%windir%\unins%%A.dat" (
      if exist $uninsB del /q $uninsB
      if exist $uninsB2 del /q $uninsB2
      findstr /M /I "Boonty Boontygames" "%windir%\unins%%A.dat">>$uninsB
      for /f "tokens=*" %%A in ($uninsB) do echo unins%%A>>$uninsB2
      if exist $uninsB del /q $uninsB
      if exist $uninsB2 CALL TOOLS\found.cmd "$%windir%\unins%%A.dat$"&del /q $uninsB2))

for %%G in (TOOLS\1\AdLB) do (for /F "tokens=*" %%A in ('type %%G') do if exist "%desktop%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%desktop%\*%%A*"') do (CALL TOOLS\found.cmd "$%desktop%\%%B$")))
for %%G in (TOOLS\1\AdLP) do (for /F "tokens=*" %%A in ('type %%G') do if exist "%prefetch%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%prefetch%\*%%A*"') do (CALL TOOLS\found.cmd "$%prefetch%\%%B$")))
for %%G in (TOOLS\1\AdLC) do (for /F "tokens=*" %%A in ('type %%G') do if exist "%cookies%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%cookies%\*%%A*"') do (CALL TOOLS\found.cmd "$%cookies%\%%B$")))

:: ####################################################################################### 2 

cls&echo.
echo         ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
echo         ³   %name% %ver% by %autor% - %TIME:~0,-9%:%TIME:~3,2%:%TIME:~6,2% ³ %date%   ³
echo         ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
echo.&echo.&echo.&echo.&echo.&echo.&echo.&echo          %step2%&echo.&echo           ^|/&echo     (\_/)&echo     (^^.^^)&echo    (")_(")

(echo.&echo +-----------------------^| Eorezo Elements found :&echo.)>>%report%

(TOOLS\procs.exe -l | find /i "EoEngine.exe"&if not errorlevel 1 (
   for /f "tokens=2 delims=[]" %%A in ('TOOLS\procs.exe -l ^| Find /i "EoEngine.exe"') do (echo Process: "EoEngine.exe" ^[PID:~%%A^]>>%report%)))>NUL
echo..>>%report%

for /F "tokens=*" %%A in ('type TOOLS\2\list') do REG QUERY "%%A">NUL 2>NUL&if not errorlevel 1 echo %%A>>%report%
for %%A in (EoEngine EoWeather EoClock EoDesk3d EoNet EoSudoku EoMail EoComputer EoMap EoCalendar EoPhoto EoRss EoTraduction EoWiki EoProgrammeTele) do (
   reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersionun" /v "%%A">NUL 2>&1&if not errorlevel 1 (echo HKLM\SOFTWARE\Microsoft\Windows\CurrentVersionun\%%A>>%report%))
echo..>>%report%

for %%G in (TOOLS\2\AdL TOOLS\2\AdLF TOOLS\2\%data%) do (for /F "tokens=*" %%A in ('type %%G') do call TOOLS\found.cmd "%%A")
for /f "tokens=*" %%A in ('dir /b/a/s "%TMP%" ^| find /i "Eorezo"') do (call TOOLS\found.cmd "$%%A$")
for %%G in (TOOLS\2\AdLB) do (for /F "tokens=*" %%A in ('type %%G') do if exist "%desktop%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%desktop%\*%%A*"') do (CALL TOOLS\found.cmd "$%desktop%\%%B$")))
for %%G in (TOOLS\2\AdLP) do (for /F "tokens=*" %%A in ('type %%G') do if exist "%prefetch%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%prefetch%\*%%A*"') do (CALL TOOLS\found.cmd "$%prefetch%\%%B$")))
for %%G in (TOOLS\2\AdLC) do (for /F "tokens=*" %%A in ('type %%G') do if exist "%cookies%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%cookies%\*%%A*"') do (CALL TOOLS\found.cmd "$%cookies%\%%B$")))

:: ####################################################################################### 3

cls&echo.
echo         ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
echo         ³   %name% %ver% by %autor% - %TIME:~0,-9%:%TIME:~3,2%:%TIME:~6,2% ³ %date%   ³
echo         ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
echo.&echo.&echo.&echo.&echo.&echo.&echo.
echo          %step3%&echo.&echo           ^|/&echo     (\_/)&echo     (^^.^^)&echo    (")_(")

(echo.&echo +-----------------------^| Everest Poker Elements found :&echo.)>>%report%

(TOOLS\procs.exe -l | find /i "Everest Poker.exe"&if not errorlevel 1 (
   for /f "tokens=2 delims=[]" %%A in ('TOOLS\procs.exe -l ^| Find /i "Everest Poker.exe"') do (echo Process: "Everest Poker.exe" ^[PID:~%%A^]>>%report%)))>NUL
echo..>>%report%

for /F "tokens=*" %%A in ('type TOOLS\3\list') do REG QUERY "%%A">NUL 2>NUL&if not errorlevel 1 echo %%A>>%report%
echo..>>%report%

for %%G in (TOOLS\3\AdL TOOLS\3\AdLF TOOLS\3\%data%) do (for /F "tokens=*" %%A in ('type %%G') do call TOOLS\found.cmd "%%A")
for %%G in (TOOLS\3\AdLB) do (for /F "tokens=*" %%A in ('type %%G') do if exist "%desktop%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%desktop%\*%%A*"') do (CALL TOOLS\found.cmd "$%desktop%\%%B$")))
for %%G in (TOOLS\3\AdLP) do (for /F "tokens=*" %%A in ('type %%G') do if exist "%prefetch%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%prefetch%\*%%A*"') do (CALL TOOLS\found.cmd "$%prefetch%\%%B$")))
for %%G in (TOOLS\3\AdLC) do (for /F "tokens=*" %%A in ('type %%G') do if exist "%cookies%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%cookies%\*%%A*"') do (CALL TOOLS\found.cmd "$%cookies%\%%B$")))

:: ####################################################################################### 4

cls&echo.
echo         ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
echo         ³   %name% %ver% by %autor% - %TIME:~0,-9%:%TIME:~3,2%:%TIME:~6,2% ³ %date%   ³
echo         ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
echo.&echo.&echo.&echo.&echo.&echo.&echo.&echo          %step4%&echo.&echo           ^|/&echo     (\_/)&echo     (^^.^^)&echo    (")_(")

(echo.&echo +-----------------------^| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements found :&echo.)>>%report%

for %%A in (M3IMPIPE.exe M3SRCHMN.exe MWSOEMON.exe MWSSVC.exe M3SKPLAY.exe) do (
   TOOLS\procs.exe -l | find /i "%%A"&if not errorlevel 1 (
      for /f "tokens=2 delims=[]" %%B in ('TOOLS\procs.exe -l ^| Find /i "%%A"') do (echo Process: "%%A" ^[PID:~%%B^]>>%report%)))>NUL
echo..>>%report%

for /f "tokens=*" %%A in ('sc query state^= all ^| find /i "Service_Name" ^| find /I "MyWebSearchService"') do (set Msc_=here)
if defined Msc_ ((echo Service: "Mywebsearchservice"&echo..)>>%report%&set Bsc_= )

for /F "tokens=*" %%A in ('type TOOLS\4\list') do REG QUERY "%%A">NUL 2>NUL&if not errorlevel 1 echo %%A>>%report%

REG QUERY "HKUS\%USER%\Software\AppDataLow\software\Fun Web Products">NUL 2>NUL&if not errorlevel 1 echo "HKUS\%USER%\Software\AppDataLow\software\Fun Web Products">>%report%
REG QUERY "HKUS\%USER%\Software\AppDataLow\software\MyWebSearch">NUL 2>NUL&if not errorlevel 1 echo "HKUS\%USER%\Software\AppDataLow\software\MyWebSearch">>%report%
REG QUERY "HKUS\%USER%\Software\Microsoft\Internet Explorer\MenuExt\&Search">NUL 2>NUL&if not errorlevel 1 echo "HKUS\%USER%\Software\Microsoft\Internet Explorer\MenuExt\&Search">>%report%
REG QUERY "HKUS\%USER%\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}">NUL 2>NUL&if not errorlevel 1 echo "HKUS\%USER%\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}">>%report%

for %%A in ("00a6faf6-072e-44cf-8957-5838f569a31d" "4D25F926-B9FE-4682-BF72-8AB8210D6D75"
   ) do (reg query "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{%%~A}">NUL 2>&1&if not errorlevel 1 echo HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\{%%~A}>>%report%)

for %%A in ("07b18ea9-a523-4961-b6bb-170de4475cca" "37b85a29-692b-4205-9cad-2626e4993404"
   ) do (reg query "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{%%~A}">NUL 2>&1&if not errorlevel 1 echo HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{%%~A}>>%report%)

reg query "HKCU\Software\Microsoft\Windows\CurrentVersionun" /v "MyWebSearch Email Plugin">NUL 2>&1&if not errorlevel 1 echo HKCU\Software\Microsoft\Windows\CurrentVersionun\MyWebSearch Email Plugin>>%report%
reg query "HKCU\Software\Netscape\Netscape Navigator\Automation Shutdown" /v "MyWayToolBar.NetscapeShutdown.1">NUL 2>&1&if not errorlevel 1 echo HKCU\Software\Netscape\Netscape Navigator\Automation Shutdown\MyWayToolBar.NetscapeShutdown.1>>%report%
reg query "HKCU\Software\Netscape\Netscape Navigator\Automation Startup" /v "MyWayToolBar.NetscapeStartup.1">NUL 2>&1&if not errorlevel 1 echo HKCU\Software\Netscape\Netscape Navigator\Automation Startup\MyWayToolBar.NetscapeStartup.1>>%report%

for %%A in ("My Web Search Bar Search Scope Monitor" "MyWebSearch Email Plugin" "MyWebSearch Plugin" "My Web Search Bar") do (
   reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersionun" /v "%%~A">NUL 2>&1&if not errorlevel 1 (echo HKLM\SOFTWARE\Microsoft\Windows\CurrentVersionun\%%~A>>%report%))

reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform" /v "FunWebProducts">NUL 2>&1&if not errorlevel 1 echo HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts>>%report%
reg query "HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources" /v "f3PopularScreensavers">NUL 2>&1&if not errorlevel 1 echo HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers>>%report%

for %%A in ("0494D0D9-F8E0-41ad-92A3-14154ECE70AC" "07B18EA9-A523-4961-B6BB-170DE4475CCA" "37b85a29-692b-4205-9cad-2626e4993404"
   ) do (reg query "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{%%~A}">NUL 2>&1&if not errorlevel 1 echo HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{%%~A}>>%report%)
echo..>>%report%

for %%G in (TOOLS\4\AdL TOOLS\4\AdLF TOOLS\4\%data%) do (for /F "tokens=*" %%A in ('type %%G') do call TOOLS\found.cmd "%%A")

if exist "%wlm%iched20.dll" (
   if exist $riched del /q $riched
   if exist $riched2 del /q $riched2
   findstr /M /I "smileycentral funwebproducts" "%wlm%iched20.dll">>$riched
   for /f "tokens=*" %%A in ($riched) do echo riched20>>$riched2
   if exist $riched del /q $riched
   if exist $riched2 CALL TOOLS\found.cmd "$%wlm%iched20.dll$"&del /q $riched2)

if exist "%wlm%\msimg32.dll" (
   if exist $msimg32 del /q $msimg32
   if exist $msimg322 del /q $msimg322
   findstr /M /I "FocusInteractive" "%wlm%\msimg32.dll">>$msimg32
   for /f "tokens=*" %%A in ($msimg32) do echo msimg32>>$msimg322
   if exist $msimg32 del /q $msimg32
   if exist $msimg322 CALL TOOLS\found.cmd "$%wlm%\msimg32.dll$"&del /q $msimg322)

if exist "%ie%\msimg32.dll" (
   if exist $msimgie32 del /q $msimgie32
   if exist $msimgie322 del /q $msimgie322
   findstr /M /I "FocusInteractive" "%ie%\msimg32.dll">>$msimgie32
   for /f "tokens=*" %%A in ($msimgie32) do echo msimg32>>$msimgie322
   if exist $msimgie32 del /q $msimgie32
   if exist $msimgie322 CALL TOOLS\found.cmd "$%ie%\msimg32.dll$"&del /q $msimgie322)

for %%G in (TOOLS\4\AdLB) do (for /F "tokens=*" %%A in ('type %%G') do if exist "%desktop%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%desktop%\*%%A*"') do (CALL TOOLS\found.cmd "$%desktop%\%%B$")))
for %%G in (TOOLS\4\AdLP) do (for /F "tokens=*" %%A in ('type %%G') do if exist "%prefetch%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%prefetch%\*%%A*"') do (CALL TOOLS\found.cmd "$%prefetch%\%%B$")))
for %%G in (TOOLS\4\AdLC) do (for /F "tokens=*" %%A in ('type %%G') do if exist "%cookies%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%cookies%\*%%A*"') do (CALL TOOLS\found.cmd "$%cookies%\%%B$")))

:: ####################################################################################### 5

cls&echo.
echo         ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
echo         ³   %name% %ver% by %autor% - %TIME:~0,-9%:%TIME:~3,2%:%TIME:~6,2% ³ %date%   ³
echo         ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
echo.&echo.&echo.&echo.&echo.&echo.&echo.&echo          %step5%&echo.&echo           ^|/&echo     (\_/)&echo     (^^.^^)&echo    (")_(")

(echo.&echo +-----------------------^| It's TV Elements found :&echo.)>>%report%

for /F "tokens=*" %%A in ('type TOOLS\5\list') do REG QUERY "%%A">NUL 2>NUL&if not errorlevel 1 echo %%A>>%report%
reg query "HKUS\%USER%\Software\ItsLabel">NUL 2>NUL&if not errorlevel 1 echo "HKUS\%USER%\Software\ItsLabel">>%report%
reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "ItsTV">NUL 2>&1&if not errorlevel 1 echo HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ItsTV>>%report%
echo..>>%report%

for %%G in (TOOLS\5\AdL TOOLS\5\AdLF TOOLS\5\%data%) do (for /F "tokens=*" %%A in ('type %%G') do call TOOLS\found.cmd "%%A")
for %%G in (TOOLS\5\AdLB) do (for /F "tokens=*" %%A in ('type %%G') do if exist "%desktop%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%desktop%\*%%A*"') do (CALL TOOLS\found.cmd "$%desktop%\%%B$")))
for %%G in (TOOLS\5\AdLP) do (for /F "tokens=*" %%A in ('type %%G') do if exist "%prefetch%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%prefetch%\*%%A*"') do (CALL TOOLS\found.cmd "$%prefetch%\%%B$")))
for %%G in (TOOLS\5\AdLC) do (for /F "tokens=*" %%A in ('type %%G') do if exist "%cookies%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%cookies%\*%%A*"') do (CALL TOOLS\found.cmd "$%cookies%\%%B$")))

:: ####################################################################################### 6

cls&echo.
echo         ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
echo         ³   %name% %ver% by %autor% - %TIME:~0,-9%:%TIME:~3,2%:%TIME:~6,2% ³ %date%   ³
echo         ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
echo.&echo.&echo.&echo.&echo.&echo.&echo.&echo          %step6%&echo.&echo           ^|/&echo     (\_/)&echo     (^^.^^)&echo    (")_(")

(echo.&echo +-----------------------^| Sweetim Elements found :&echo.)>>%report%

(TOOLS\procs.exe -l | find /i "SweetIM.exe"&if not errorlevel 1 (
   for /f "tokens=2 delims=[]" %%A in ('TOOLS\procs.exe -l ^| Find /i "SweetIM.exe"') do (echo Process: "SweetIM.exe" ^[PID:~%%A^]>>%report%)))>NUL
echo..>>%report%

for /F "tokens=*" %%A in ('type TOOLS\6\list') do REG QUERY "%%A">NUL 2>NUL&if not errorlevel 1 echo %%A>>%report%

reg query "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersionun" /v "SweetIM">NUL 2>&1&if not errorlevel 1 (echo HKCU\SOFTWARE\Microsoft\Windows\CurrentVersionun\SweetIM>>%report%)
reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersionun" /v "SweetIM">NUL 2>&1&if not errorlevel 1 (echo HKLM\SOFTWARE\Microsoft\Windows\CurrentVersionun\SweetIM>>%report%)

for %%A in (
   "BC4FFE41-DE9F-46fa-B455-AAD49B9F9938" "EEE6C35D-6118-11DC-9C72-001320C79847"
   ) do (reg query "HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks" /v "{%%~A}">NUL 2>&1&if not errorlevel 1 echo HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{%%~A}>>%report%)

for %%A in (
   "EEE6C35B-6118-11DC-9C72-001320C79847" "BC4FFE41-DE9F-46fa-B455-AAD49B9F9938"
   ) do (reg query "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{%%~A}">NUL 2>&1&if not errorlevel 1 echo HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{%%~A}>>%report%)

for %%A in (
   "02F47BF73B948514FAACADD8CBBDF37D" "080D9F5E1E95FEE4794CE438E635239E" "1E264E0A5959A1C46BA9175A878B12EA"
   "2E6768B6932D112438F047C54D180635" "351716A953E21214898904032EAE2E81" "397C771A7BCAC904697C3EC629ED33ED"
   "98CC8BF5A4A6E6C4ABF7051DDAB8B058" "A189D17A469616C4688D23E192996267" "D15DAF33C220F91468A1D7D57C31ACD7"
   "D3BA76A44C779424889063D5098ED2D6" "D6D0EB9FDBD90C04D92A7E729058F10D" "E4748F9A4181FCE46A23C13B517B9420"
   "5D72AF385B5242D47B69FD47F2805AFC" "07D5290CDBDAE4242926B8E6CA650501" "08E33F7B61DEFF24BB9673ED7D467636"
   "0E3D8A5B48622A445A7DF73FEFF32C3F" "1AC67655DD68F8240B2860F2D511EBD8" "46A5861A389ADB844AF89E31BC9DF0A1"
   "34EDDB1BFB3A2D448845F3EFD0F15A43" "4318DF19719275242801CBE292063A4C" "45FC115D1FEAEF849A4E1610D6EC8BF0"
   "49B0E1A6FF50BBE4289E4E23DE6EA0C7" "4CCCAC049F34D0540AAC13011398BEDB" "5C4389D0BFB302C479DE4178BD5D9EBA"
   "5D19F074C042AD34BAB463D4175A062E" "5D2B09BDEF4FE54418E6F3373CDBC7AC" "61B65D3397A1FBF4CB1571B5E4F6B5B0"
   "68E8A05C60DD9254591DBD16C94EDDBF" "697E782CF574CC34CBB9566440BA12BC" "6AE27A8613CF7EA4782F2886F67295E5"
   "7CE172051F585E04187BCB97570BFA74" "86A901BA5265452499DCBF719C378EE3" "88ABD1CD5C40EC84789A7F6EF86DAC5E"
   "980289C22F80A7C4BB9323DC61255E4E" "9A4B7EF3789F871419D9302583B20C15" "A6C53B0F76C44004A8F36716213017DB"
   "B59F2D8189784CC46A4597F2842480B0" "BD746FB95FB8E5B45BF66BE54D5FD91F" "CCF399FCD6D2D3F46BF02A1378654FC9"
   "D149C1355C98DE24E82CEFBD996FE06A" "DB59FDB786388EA4D897F3EE715683AC" "DB8DAD19CFBCC2049A4477183787E8C5"
   "E337925F629CF4C4FB08F3D9674DD839" "EC65F200D112357449C8B1BC3CFA03D0" "427EA997C413D1D47907CBFC7B2DB432"
   "E1C820A74ED67374BA048B52CB3C3804" "F327D0C73C0973644A21E8CC852267A0" "F754C503375A13344B22388E18DFE87E"
   "FA96423FE2B98E248A3B23548D1E22D9" "430B9074095998B438236F5FB1ED75CB" "80719E8EA720305459C0EE8389E9CAFB"
   "A8B8696B937B0D04B8796ADECB6EC106" "B084A05F467835D4394CCF76723438C1" "E6E39982D5828024DA11899256779137"
   "428C9AFC877ABE7409DCBBD48BC23F84" "5D72AF385B5242D47B69FD47F2805AFC" "95F6749CBA47B4E43A63A3D7F0CE6B51"
   "0FF2AEFF45EEA0A48A4B33C1973B6094" "305B09CE8C53A214DB58887F62F25536"
   ) do (reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\%%~A" | findstr /i "macrogaming sweetim"&if not errorlevel 1 echo HKLM\~\UserData\S-1-5-18\Components\%%~A>>%report%)>NUL 2>&1

for %%A in (
   "0337C6624F0C5E94F8025AF6F9288257" "428C9AFC877ABE7409DCBBD48BC23F84" "5D72AF385B5242D47B69FD47F2805AFC"
   "95F6749CBA47B4E43A63A3D7F0CE6B51" "BF8532058170CB541B2457111F96D485" "D91C9455EF645794DA45B5738EF76F2E"
   "2B1C97F02B6326B428122427C15F6483" "310EAEEA1F2951542B8731F9A196A253" "E3124E1ADA6085C43851291F51139D06"
   ) do (reg query "HKLM\SOFTWARE\Classes\Installer\Products\%%~A" | findstr /i "macrogaming sweetim"&if not errorlevel 1 echo HKLM\SOFTWARE\Classes\Installer\Product\%%~A>>%report%)>NUL 2>&1

for %%A in (
   "BF8532058170CB541B2457111F96D485" "5D72AF385B5242D47B69FD47F2805AFC" "428C9AFC877ABE7409DCBBD48BC23F84"
   "0337C6624F0C5E94F8025AF6F9288257" "95F6749CBA47B4E43A63A3D7F0CE6B51" "D91C9455EF645794DA45B5738EF76F2E"
   "E3124E1ADA6085C43851291F51139D06"
   ) do (reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\%%~A" | findstr /i "macrogaming sweetim"&if not errorlevel 1 echo HKLM\~\Installer\UserData\S-1-5-18\Products\%%~A>>%report%)>NUL 2>&1
echo..>>%report%

for /f "tokens=*" %%A in ('dir /a-d/b/s "%windir%\INSTALLER" ^| find /i ".msi"') do (type "%%A" | findstr /i "Sweetim macrogaming"&if not errorlevel 1 (call TOOLS\found.cmd "$%%A$"))>NUL 2>&1

for %%G in (TOOLS\6\AdL TOOLS\6\AdLF TOOLS\6\%data%) do (for /F "tokens=*" %%A in ('type %%G') do call TOOLS\found.cmd "%%A")
for %%G in (TOOLS\6\AdLB) do (for /F "tokens=*" %%A in ('type %%G') do if exist "%desktop%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%desktop%\*%%A*"') do (CALL TOOLS\found.cmd "$%desktop%\%%B$")))
for %%G in (TOOLS\6\AdLP) do (for /F "tokens=*" %%A in ('type %%G') do if exist "%prefetch%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%prefetch%\*%%A*"') do (CALL TOOLS\found.cmd "$%prefetch%\%%B$")))
for %%G in (TOOLS\6\AdLC) do (for /F "tokens=*" %%A in ('type %%G') do if exist "%cookies%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%cookies%\*%%A*"') do (CALL TOOLS\found.cmd "$%cookies%\%%B$")))

:: ####################################################################################### ADS

cls&echo.
echo         ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
echo         ³   %name% %ver% by %autor% - %TIME:~0,-9%:%TIME:~3,2%:%TIME:~6,2% ³ %date%   ³
echo         ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
echo.&echo.&echo.&echo.&echo.&echo.&echo.&echo          %step7%&echo.&echo           ^|/&echo     (\_/)&echo     (^^.^^)&echo    (")_(")

(echo.&echo +-----------------------^| ADDED SCAN :)>>%report%

if exist TOOLS\prefs-list.txt del /q "TOOLS\prefs-list.txt

   if exist "%APPDATA%\Mozilla\Firefox\Profiles\%FF%" (
      pushd "%APPDATA%\Mozilla\Firefox\Profiles\%FF%"
      if exist prefs.js (
         (echo.&echo.&echo +---------- Scanning prefs.js ... ^( # Mozilla User Preferences ^)
         echo.&echo ..\%FF%\prefs.js :
         echo.&echo ^~^~^~^~ Mozilla FireFox version %verFF% ^~^~^~^~
         echo.)>>%report% 
         Type Prefs.js | find /i "browser.search.defaultenginename">>"%temp%\bsde.dat"
         if exist "%temp%\bsde.dat" (for /f "tokens=2 delims=,)" %%A in ('type "%temp%\bsde.*"') do echo * Browser Search Default Engine: %%A>>%report%
         del /q "%temp%\bsde.*")
         Type Prefs.js | find /i "browser.search.selectedEngine">>"%temp%\bsse.dat"
         if exist "%temp%\bsse.dat" (for /f "tokens=2 delims=,)" %%A in ('type "%temp%\bsse.*"') do echo * Browser Search Selected Engine: %%A>>%report%
         del /q "%temp%\bsse.*")
         Type Prefs.js | find /i "browser.search.defaulturl">>"%temp%\bsdu.dat"
         if exist "%temp%\bsdu.dat" (for /f "tokens=2 delims=,)" %%A in ('type "%temp%\bsdu.*"') do echo * Browser Search Default Url: %%A>>%report%
         del /q "%temp%\bsdu.*")
         Type Prefs.js | find /i "browser.startup.homepage">>"%temp%\home.dat"
         if exist "%temp%\home.dat" (type "%temp%\home.*" | find /i "http">"%temp%\home2.dat" 2>NUL
            if exist "%temp%\home2.*" (for /f "tokens=2 delims=,)" %%A in ('type "%temp%\home2.*"') do (echo * Browser Startup HomePage: %%A>>%report%)
            del /q "%temp%\home.*"
            del /q "%temp%\home2.*"))
            (echo.&echo..)>>%report%
            Type Prefs.js | findstr /i "eorezo eo.st lo.st sweetim">>"%location%\TOOLS\prefs-list.txt"
            if exist "%location%\TOOLS\prefs-list.txt" (
            for /f "tokens=1* delims=" %%B in ('type "%location%\TOOLS\prefs-list.txt"') do (echo FOUND -%%B>>%report%)
            (echo.&echo +---------------------------------------------------------------------------+&echo.)>>%report%
            del /q "%location%\TOOLS\prefs-list.txt"
            popd)))
Call :ads

:: ####################################################################################### EOF

(echo.&echo +---------------------------------------------------------------------------+&echo.)>>%report%

for /f "tokens=1* delims=" %%A in ('type "%report%"') do (set /a count+=1)

for %%A in ("%systemdrive%\Ad-report-*-*.log") do if exist %%A (echo ^[~%%~zA bytes^] - "%%A")>>%report%

TOOLS\TIMER /nologo /s>>time.txt
if exist time.txt (for /f "tokens=* delims=" %%A in (time.txt) do (set laps=%%A&del /q time.txt))
if exist TOOLS	imer.txt del /q TOOLS	imer.txt

(echo.&echo # END at: %TIME:~0,-9%:%TIME:~3,2%:%TIME:~6,2% ^| %date% - Time elapsed: %laps% )>>%report% 

(echo.&echo +---------------------------------------------------------------------------+
echo +------------------------------- [ E.O.F - %count% lines ]
echo +---------------------------------------------------------------------------+&echo.)>>%report%

cls&echo.
echo         ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
echo         ³   %name% %ver% by %autor% - %TIME:~0,-9%:%TIME:~3,2%:%TIME:~6,2% ³ %date%   ³
echo         ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
echo.&echo.&echo.&echo.&echo.&echo %end% %report%&echo.&echo Appuyez sur une touche pour continuer..&echo.&echo           ^|/&echo     (\_/)&echo     (^^.^^)&echo    (")_(")&pause>NUL

start /MAX notepad %report% 
goto :eof

:: #######################################################################################

:begin
if exist %chemchoix% del /q %chemchoix%
if exist "%systemdrive%	mp1.txt" del /q "%systemdrive%	mp1.txt"
if exist "%systemdrive%	mp2.txt" del /q "%systemdrive%	mp2.txt"
set option=Clean&set report=%systemdrive%\AD-report-Clean-%DATE:~0,2%.%DATE:~3,2%.%DATE:~6,4%.log
set A=1. Suppression Boonty/BoontyGames              ^[ ^]     º
set B=2. Suppression Eorezo                          ^[ ^]     º
set C=3. Suppression Everest Poker                   ^[ ^]     º
set D=4. Suppression Funwebproduct/MyWay/MyWebsearch ^[ ^]     º
set E=5. Suppression It's TV                         ^[ ^]     º
set F=6. Suppression Sweetim                         ^[ ^]     º
set X=0. D‚cocher tout                                       º
for %%A in (count1 count2 count3 count4 count5 count6 count2_6) do set /a %%A=0

:inter
mode con: cols=75 lines=26 &color 3F
cls&echo.
echo         ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»
echo         º                                                            º
echo         º     A. Supprimer tout                                      º
echo         º                                                            º
echo         º     %A%
echo         º     %B%
echo         º     %C%
echo         º     %D%
echo         º     %E%
echo         º     %F%
echo         º                                                            º
echo         º     %X%
echo         º                                                            º
echo         º     R. Retour au menu principal                            º
echo         º     Q. Quitter                                             º
echo         º                                                            º
echo         º                                                            º
echo         º           ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿             º
echo         º           ³ S. Supprimer les ‚l‚ments coch‚s ³             º
echo         º           ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ             º
echo         º                                                            º
echo         ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼
echo.&set /p select=Que voulez-vous faire ? ^(A,1,2,3,4,5,6,0,R,Q,S^) :
if /i %select%==A (
   "%location%\TOOLS
ircmd.exe" BEEP 9999 100
   if %count1% GEQ 1 goto inter
   if %count2% GEQ 1 goto inter
   if %count3% GEQ 1 goto inter
   if %count4% GEQ 1 goto inter
   if %count5% GEQ 1 goto inter
   if %count6% GEQ 1 goto inter
   echo Boonty/BoontyGames>>%chemchoix%&set A=1. Suppression Boonty/BoontyGames              ^[X^]     º
   set /a count1+=1
   echo Eorezo>>%chemchoix%&set B=2. Suppression Eorezo                          ^[X^]     º
   set /a count2+=1
   echo Everest Poker>>%chemchoix%&set C=3. Suppression Everest Poker                   ^[X^]     º
   set /a count3+=1
   echo Funwebproduct/MyWay/MyWebsearch>>%chemchoix%&set D=4. Suppression Funwebproduct/MyWay/MyWebsearch ^[X^]     º
   set /a count4+=1
   echo It's TV>>%chemchoix%&set E=5. Suppression It's TV                         ^[X^]     º
   set /a count5+=1
   echo Sweetim>>%chemchoix%&set F=6. Suppression Sweetim                         ^[X^]     º
   set /a count6+=1&goto inter)
if %select%==1 (
   if %count1% GEQ 1 "%location%\TOOLS
ircmd.exe" BEEP 9999 100&goto inter
   echo Boonty/BoontyGames>>%chemchoix%&set A=1. Suppression Boonty/BoontyGames              ^[X^]     º
   set /a count1+=1&"%location%\TOOLS
ircmd.exe" BEEP 9999 100&goto inter)
if %select%==2 (
   if %count2% GEQ 1 "%location%\TOOLS
ircmd.exe" BEEP 9999 100&goto inter
   echo Eorezo>>%chemchoix%&set B=2. Suppression Eorezo                          ^[X^]     º
   set /a count2+=1&"%location%\TOOLS
ircmd.exe" BEEP 9999 100&goto inter)
if %select%==3 (
   if %count3% GEQ 1 "%location%\TOOLS
ircmd.exe" BEEP 9999 100&goto inter
   echo Everest Poker>>%chemchoix%&set C=3. Suppression Everest Poker                   ^[X^]     º
   set /a count3+=1&"%location%\TOOLS
ircmd.exe" BEEP 9999 100&goto inter)
if %select%==4 (
   if %count4% GEQ 1 "%location%\TOOLS
ircmd.exe" BEEP 9999 100&goto inter
   echo Funwebproduct/MyWay/MyWebsearch>>%chemchoix%&set D=4. Suppression Funwebproduct/MyWay/MyWebsearch ^[X^]     º
   set /a count4+=1&"%location%\TOOLS
ircmd.exe" BEEP 9999 100&goto inter)
if %select%==5 (
   if %count5% GEQ 1 "%location%\TOOLS
ircmd.exe" BEEP 9999 100&goto inter
   echo It's TV>>%chemchoix%&set E=5. Suppression It's TV                         ^[X^]     º
   set /a count5+=1&"%location%\TOOLS
ircmd.exe" BEEP 9999 100&goto inter)
if %select%==6 (
   if %count6% GEQ 1 "%location%\TOOLS
ircmd.exe" BEEP 9999 100&goto inter
   echo Sweetim>>%chemchoix%&set F=6. Suppression Sweetim                         ^[X^]     º
   set /a count6+=1&"%location%\TOOLS
ircmd.exe" BEEP 9999 100&goto inter)
if %select%==0 ("%location%\TOOLS
ircmd.exe" BEEP 9999 100&goto begin)
if /i %select%==R goto start menu
if /i %select%==Q goto :eof
if /i %select%==S goto startup
goto inter

:startup
cls&mode con: cols=75 lines=26&color 3F
echo.&if not exist %chemchoix% goto :eof
echo    ******  Vous avez choisi de supprimer  ******
echo.&type %chemchoix%
echo.&echo.&echo Voulez-vous continuer ?
echo.&set /p mode= Oui 'o' ou Non 'n' ?
if /i %mode%==O goto clean
if /i %mode%==N del /q %chemchoix%&goto inter

:: #######################################################################################

:clean
for %%A in (TOOLS	imer.txt %report% $todel $todel2) do if exist "%%A" del /q "%%A"

for /f "tokens=*" %%A in ('TOOLS\procs.exe -l ^| findstr /i /v "procs.exe findstr.exe cmd.exe"') do (set /a processcount+=1)

for %%A in (explorer.exe firefox.exe flock.exe iexplore.exe iexplorer.exe Msnmsgr.exe Opera.exe rundll32.exe sidebar.exe) do (TOOLS\process -k "%%A">NUL 2>NUL)

TOOLS\TIMER /nologo

(echo.&echo ------- Logfile of %name% %ver% by %autor% ^| ONLY XP/VISTA -------
echo.&echo *** Limited to ***
echo.&if exist %chemchoix% type %chemchoix%&del /q %chemchoix%
echo.&echo ******************
echo.&echo # START at: %TIME:~0,-9%:%TIME:~3,2%:%TIME:~6,2% ^| %date_% ^| Microsoft® %SE%™ %OS_version% %OS_sp% ^(%verw%^)
echo # BOOT MODE: %bootmode%
if defined UAC echo ^(!^) - %UAC%
echo # OPTION: %option% ^| EXECUTED FROM: %location%\%name2%
echo # PC: %computername% ^| USER: %username% ^( %admin%^)
echo # DRIVE^(S^): 
if exist "%temp%\drives.txt" type "%temp%\drives.txt"&del /q "%temp%\drives.txt"
echo # Internet Explorer v%verIE%
echo.&echo # RUNNING PROCESSES: %processcount%)>>%report%

(echo Windows Registry Editor Version 5.00
echo.&echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN]
echo "Start Page"="https://www.msn.com/fr-fr"
echo.&echo [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MAIN]
echo "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
echo.&echo [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\AboutURLs]
echo "Tabs"="res://ieframe.dll/tabswelcome.htm")>>TOOLS\Reset.reg

if exist TOOLS\Reset.reg (regedit.exe /s TOOLS\Reset.reg>NUL 2>NUL&del /q TOOLS\Reset.reg)
(echo.&echo ^(!^) ---- IE start pages reset)>>%report%

:: ####################################################################################### 1

if NOT %count1%==0 (
   cls&echo.
   echo         ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
   echo         ³   %name% %ver% by %autor% - %TIME:~0,-9%:%TIME:~3,2%:%TIME:~6,2% ³ %date%   ³
   echo         ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
   echo.&echo.&echo.&echo.&echo.&echo.&echo.&echo          %step1b%&echo.&echo           ^|/&echo     (\_/^)&echo     (^^.^^^)&echo    (")_("^)

   (echo.&echo +-----------------------^| Boonty/Boonty Games Elements Deleted :&echo.)>>%report%

   for %%A in (Boonty.exe BoontyBox.exe BoontyGames.0001) do (
      TOOLS\procs.exe -l | find /i "%%A"&if not errorlevel 1 (
         for /f "tokens=2 delims=[]" %%B in ('TOOLS\procs.exe -l ^| Find /i "%%A"') do (echo Process: "%%A" ^[PID:~%%B^]>>%report%&TOOLS\process -k "%%A">NUL 2>&1)))>NUL
   echo..>>%report%

   for /f "tokens=*" %%A in ('sc query state^= all ^| find /i "Service_Name" ^| find /i "Boonty Games"') do (set Bsc_=here)
   if defined Bsc_ (
      sc config "Boonty Games" start= disabled>NUL 2>NUL
      sc stop "Boonty Games">NUL 2>NUL
      sc delete "Boonty Games">NUL 2>NUL
      set Bsc_=
      for /f "tokens=*" %%B in ('sc query state^= all ^| find /i "Service_Name" ^| find /i "Boonty Games"') do (set Bsc_=here)
      if not defined Bsc_ ((echo Service: "Boonty Games"&echo..)>>%report%)
      if defined Bsc_ ((echo ^/!^\ NOT DELETED - Service: "Boonty Games")&echo..)>>%report%)

   for /F "tokens=*" %%A in ('type TOOLS\1\list') do REG QUERY "%%A">NUL 2>NUL&if not errorlevel 1 echo %%A>>"%systemdrive%	mp1.txt"

   if exist "%systemdrive%	mp1.txt" (
      for /f "tokens=1* delims=" %%A in ('type "%systemdrive%	mp1.txt"') do (
         reg query "%%A">NUL 2>NUL
         if not errorlevel 1 echo %%A>>"%systemdrive%	mp2.txt"
         TOOLS\SWreg.exe acl "%%A" /ge:fr /p /q
         TOOLS\SWreg.exe delete "%%A">NUL 2>NUL))

   if exist "%systemdrive%	mp2.txt" (
      for /f "tokens=1* delims=" %%A in ('type "%systemdrive%	mp2.txt"') do (
         reg query "%%A">NUL 2>NUL
         if NOT errorlevel 1 (echo ^/!^\ NOT DELETED - %%A>>%report%&echo "%%A">>$todel2) else (echo %%A>>%report%)))

   for %%G in (%systemdrive%	mp1.txt %systemdrive%	mp2.txt) do if exist "%%G" del /q "%%G"
   echo..>>%report%

   for %%G in (TOOLS\1\AdL TOOLS\1\AdLF TOOLS\1\%data%) do (for /F "tokens=*" %%A in ('type %%G') do call TOOLS\delete.cmd "%%A")

for %%A in (001 002 003) do (
   if exist "%windir%\unins%%A.dat" (
      if exist $uninsB del /q $uninsB
      if exist $uninsB2 del /q $uninsB2
      findstr /M /I "Boonty Boontygames" "%windir%\unins%%A.dat">>$uninsB
      for /f "tokens=*" %%A in ($uninsB) do echo unins%%A>>$uninsB2
      if exist $uninsB del /q $uninsB
      if exist $uninsB2 CALL TOOLS\delete.cmd "$%windir%\unins%%A.dat$"&del /q $uninsB2))

   for /f "tokens=*" %%A in ('type TOOLS\1\AdLB') do if exist "%desktop%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%desktop%\*%%A*"') do CALL TOOLS\delete.cmd "$%desktop%\%%B$")
   for /f "tokens=*" %%A in ('type TOOLS\1\AdLP') do if exist "%prefetch%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%prefetch%\*%%A*"') do CALL TOOLS\delete.cmd "$%prefetch%\%%B$")
   for /f "tokens=*" %%A in ('type TOOLS\1\AdLC') do if exist "%cookies%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%cookies%\*%%A*"') do CALL TOOLS\delete.cmd "$%cookies%\%%B$"))

:: ####################################################################################### 2

if NOT %count2%==0 (
   cls&echo.
   echo         ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
   echo         ³   %name% %ver% by %autor% - %TIME:~0,-9%:%TIME:~3,2%:%TIME:~6,2% ³ %date%   ³
   echo         ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
   echo.&echo.&echo.&echo.&echo.&echo.&echo.&echo          %step2b%&echo.&echo           ^|/&echo     (\_/^)&echo     (^^.^^^)&echo    (")_("^)

   (echo.&echo +-----------------------^| Eorezo Elements Deleted :&echo.)>>%report%

   set /a count2_6+=1

   (TOOLS\procs.exe -l | find /i "EoEngine.exe"&if not errorlevel 1 (
      for /f "tokens=2 delims=[]" %%B in ('TOOLS\procs.exe -l ^| Find /i "EoEngine.exe"') do (echo Process: "EoEngine.exe" ^[PID:~%%B^]>>%report%&TOOLS\process -k "EoEngine.exe">NUL 2>&1)))>NUL
   echo..>>%report%

   for /F "tokens=*" %%A in ('type TOOLS\2\list') do REG QUERY "%%A">NUL 2>NUL&if not errorlevel 1 echo %%A>>"%systemdrive%	mp1.txt"

   for %%A in (EoEngine EoWeather EoClock EoDesk3d EoNet EoSudoku EoMail EoComputer EoMap EoCalendar EoPhoto EoRss EoTraduction EoWiki EoProgrammeTele) do (
      reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersionun" /v "%%A">NUL 2>&1&if not errorlevel 1 (
      TOOLS\SWreg.exe acl "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersionun" /v "%%A" /ge:fr /p /q
      TOOLS\SWreg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersionun" /v "%%A">NUL 2>NUL
      reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersionun" /v "%%A">NUL 2>&1&if not errorlevel 1 (
         echo ^/!^\ NOT DELETED - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersionun\%%A>>%report%&echo "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersionun" /v "%%A">>$todel2) else (
             echo HKLM\SOFTWARE\Microsoft\Windows\CurrentVersionun\%%A>>%report%)))

   if exist "%systemdrive%	mp1.txt" (
      for /f "tokens=1* delims=" %%A in ('type "%systemdrive%	mp1.txt"') do (
         reg query "%%A">NUL 2>NUL
         if not errorlevel 1 echo %%A>>"%systemdrive%	mp2.txt"
         TOOLS\SWreg.exe acl "%%A" /ge:fr /p /q
         TOOLS\SWreg.exe delete "%%A">NUL 2>NUL))

   if exist "%systemdrive%	mp2.txt" (
      for /f "tokens=1* delims=" %%A in ('type "%systemdrive%	mp2.txt"') do (
         reg query "%%A">NUL 2>NUL
         if NOT errorlevel 1 (echo ^/!^\ NOT DELETED - %%A>>%report%&echo "%%A">>$todel2) else (echo %%A>>%report%)))

   for %%G in (%systemdrive%	mp1.txt %systemdrive%	mp2.txt) do if exist "%%G" del /q "%%G"
   echo..>>%report%

   for %%G in (TOOLS\2\AdL TOOLS\2\AdLF TOOLS\2\%data%) do (for /F "tokens=*" %%A in ('type %%G') do call TOOLS\delete.cmd "%%A")
   for /f "tokens=*" %%A in ('dir /b/a/s "%TMP%" ^| find /i "Eorezo"') do (
      %del% "%%A">NUL 2>&1
      %del1% "%%A">NUL 2>&1
      if not exist "%%A" echo %%A>>%report%
      if exist "%%A" echo ^/!^\ NOT DELETED - %%A>>%report%)
   for /f "tokens=*" %%A in ('type TOOLS\2\AdLB') do if exist "%desktop%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%desktop%\*%%A*"') do CALL TOOLS\delete.cmd "$%desktop%\%%B$")
   for /f "tokens=*" %%A in ('type TOOLS\2\AdLP') do if exist "%prefetch%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%prefetch%\*%%A*"') do CALL TOOLS\delete.cmd "$%prefetch%\%%B$")
   for /f "tokens=*" %%A in ('type TOOLS\2\AdLC') do if exist "%cookies%\*%%A*" (for /f "tokens=*" %%B in ('dir /b/a "%cookies%\*%%A*"') do CALL TOOLS\delete.cmd "$%cookies%\%%B$"))

:: ####################################################################################### 3

if NOT %count3%==0 (
   cls&echo.
   echo         ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
   echo         ³   %name% %ver% by %autor% - %TIME:~0,-9%:%TIME:~3,2%:%TIME:~6,2% ³ %date%   ³
   echo         ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
   echo.&echo.&echo.&echo.&echo.&echo.&echo.&echo          %step3b%&echo.&echo           ^|/&echo     (\_/^)&echo     (^^.^^^)&echo    (")_("^)

   (echo.&echo +-----------------------^| Everest Poker Elements Deleted :&echo.)>>%report%

   (TOOLS\procs.exe -l | find /i "Everest Poker.exe"&if not errorlevel 1 (
      for /f "tokens=2 delims=[]" %%B in ('TOOLS\procs.exe -l ^| Find /i "Everest Poker.exe"') do (echo Process: "Everest Poker.exe" ^[PID:~%%B^]>>%report%&TOOLS\process -k "Everest Poker.exe">NUL 2>&1)))>NUL
   echo..>>%report%

   for /F "tokens=*" %%A in ('type TOOLS\3\list') do REG QUERY "%%A">NUL 2>NUL&if not errorlevel 1 echo %%A>>"%systemdrive%	mp1.txt"

   if exist "%systemdrive%	mp1.txt" (
      for /f "tokens=1* delims=" %%A in ('type "%systemdrive%	mp1.txt"') do (
         reg query "%%A">NUL 2>NUL
         if not errorlevel 1 echo %%A>>"%systemdrive%	mp2.txt"
         TOOLS\SWreg.exe acl "%%A" /ge:fr /p /q
         TOOLS\SWreg.exe delete "%%A">NUL 2>NUL))

   if exist "%sy

plopus · Answer

oulala  mais comment sa ce fait que les rapports sont comme sa?!?!

en tout cas tu peux relancer l'option 2 de AD REMOVER selectionne tout avec A  et ensuite appui sur S pour lancer la suppression et poste le rapport 

Fait sa en fermant tout tes programmes , deconnecte toi d'internet.

puis après

Télécharge Random's System Information Tool (RSIT) par random/random et sauvegarde-le sur ton Bureau.
http://images.malwareremoval.com/random/RSIT.exe 
2 rapport s ouvrirons poste les 2 ici mais séparément pour pas que les message soient coupés

junon16 · Answer

suite 2ème rapport
Logfile of random's system information tool 1.05 (written by random/random)
Run by SEVELLEC Françoise at 2009-01-07 18:23:39
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 77 GB (67%) free of 114 GB
Total RAM: 255 MB (38% free)


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{243B17DE-77C7-46BF-B94B-0B5F309A0E64}]
c:\Program Files\Microsoft Money\System\mnyside.dll [2002-07-17 163906]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-01-28 1554256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]
EoBho Class - C:\Program Files\eoRezo\EoAdv\EoRezobho.dll [2007-01-25 106496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-04-17 323904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2003-03-05 28672]
"ATIPTA"=C:\ATI-CPanel\atiptaxx.exe [2003-02-06 315392]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe [2005-06-23 57344]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-01-28 2097488]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe [2005-10-28 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\TGBBOB]
C:\WINDOWS\system32\TGBBOBNotif.dll [2003-03-19 45056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot
etwork
m]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot
etwork
m.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot
etwork\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot
etwork\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=FF000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\EMCO Malware Destroyer\MalwareDestroyer.exe"="C:\Program Files\EMCO Malware Destroyer\MalwareDestroyer.exe:*:Enabled:Malware Scanner for Home User's"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.bat - open - 
.cmd - open - 
.com - open - 
.scr - open - 
.scr - config - 

======List of files/folders created in the last 1 months======

2009-01-07 18:23:39 ----DC---- C:sit
2009-01-07 16:48:21 ----DC---- C:\Program Files\Ad-remover
2009-01-07 09:09:23 ----DC---- C:\Documents and Settings\SEVELLEC Françoise\Application Data\Malwarebytes
2009-01-07 09:08:58 ----DC---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-01-07 09:08:57 ----DC---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-20 19:07:11 ----DC---- C:\Program Files\Fichiers communs\Scanner
2008-12-20 19:06:59 ----DC---- C:\Program Files\CA Yahoo! Anti-Spy
2008-12-20 19:04:44 ----DC---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion

======List of files/folders modified in the last 1 months======

2009-01-07 18:23:42 ----DC---- C:\WINDOWS\Prefetch
2009-01-07 18:09:45 ----DC---- C:\WINDOWS\Temp
2009-01-07 17:50:31 ----AC---- C:\WINDOWS\NeroDigital.ini
2009-01-07 17:11:30 ----ADC---- C:\WINDOWS\system32
2009-01-07 17:08:32 ----DC---- C:\WINDOWS\system32\drivers
2009-01-07 17:02:03 ----DC---- C:\WINDOWS
2009-01-07 16:48:21 ----RDC---- C:\Program Files
2009-01-07 16:42:50 ----AC---- C:\WINDOWS\ModemLog_OLITEC PCI V92 V4 Modem.txt
2009-01-07 16:40:25 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-01-06 20:16:40 ----DC---- C:\WINDOWS\system32\CatRoot2
2009-01-06 18:25:37 ----DC---- C:\Program Files\Navilog1
2009-01-03 10:57:02 ----SDC---- C:\WINDOWS\Downloaded Program Files
2009-01-03 10:47:28 ----DC---- C:\Program Files\Heredis 8
2009-01-03 10:42:10 ----DC---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-02 20:47:52 ----DC---- C:\WINDOWS\system32\config
2009-01-02 20:47:26 ----DC---- C:\WINDOWS\system32\wbem
2009-01-02 20:47:25 ----DC---- C:\WINDOWS\Registration
2009-01-02 20:47:01 ----HDC---- C:\WINDOWS\inf
2009-01-02 17:30:47 ----DC---- C:\WINDOWS\system32\Macromed
2008-12-25 20:20:46 ----DC---- C:\WINDOWS\Debug
2008-12-25 20:16:48 ----AC---- C:\Unlocker-log-handles.txt
2008-12-25 20:02:54 ----ADC---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-12-20 20:34:16 ----DC---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-12-20 19:07:11 ----DC---- C:\Program Files\Fichiers communs
2008-12-20 19:04:43 ----DC---- C:\Program Files\Yahoo!
2008-12-20 18:49:42 ----DC---- C:\WINDOWS\Help
2008-12-20 18:49:42 ----DC---- C:\Program Files\Super Mastermind
2008-12-20 18:49:42 ----DC---- C:\ATI-CPanel
2008-12-20 17:50:42 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-20 08:54:54 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-20 08:54:47 ----DC---- C:\Program Files\Internet Explorer
2008-12-20 08:54:10 ----DC---- C:\WINDOWS\ie7updates
2008-12-20 08:53:14 ----HDC---- C:\WINDOWS\$hf_mig$
2008-12-19 21:06:34 ----SHDC---- C:\WINDOWS\Installer
2008-12-19 21:06:34 ----DC---- C:\Config.Msi
2008-12-19 18:02:30 ----DC---- C:\WINDOWS\WinSxS
2008-12-19 18:01:03 ----DC---- C:\Program Files\Fichiers communs\Adobe
2008-12-19 18:01:02 ----DC---- C:\Program Files\Adobe
2008-12-19 15:51:55 ----DC---- C:\Documents and Settings\SEVELLEC Françoise\Application Data\Adobe
2008-12-13 07:37:56 ----AC---- C:\WINDOWS\system32\mshtml.dll
2008-12-10 00:24:37 ----AC---- C:\WINDOWS\system32\MRT.exe
2008-12-08 18:30:46 ----DC---- C:\Program Files\lbreakout2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2008-10-27 82380]
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-12-19 75072]
R1 Bobfilap;TGB::BOB! Engine; C:\WINDOWS\System32\Drivers\Bobfilap.sys [2003-03-19 70730]
R1 Bobfilnw;TGB::BOB! Engine; C:\WINDOWS\System32\Drivers\Bobfilnw.sys [2003-03-19 54921]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 MVDCODEC;ATI WDM Specialized MVD Codec; C:\WINDOWS\System32\DRIVERS\atinmdxx.sys [2003-03-05 13824]
R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\System32\DRIVERS
wlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\System32\DRIVERS
wlnknb.sys [2004-08-05 63232]
R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\System32\DRIVERS
wlnkspx.sys [2004-08-05 55936]
R3 AgereSoftModem;OLITEC PCI V92 V4 Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-06-07 2410076]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2004-08-04 701440]
R3 atinrvxx;ATI WDM Rage Theater Video; C:\WINDOWS\System32\DRIVERS\atinrvxx.sys [2003-03-05 102400]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2004-01-08 812416]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2005-10-21 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2005-10-21 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2002-11-27 22384]
R3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS
ic1394.sys [2008-04-13 61824]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERSasirda.sys [2001-08-17 19584]
R3 SISNIC;Pilote de carte Fast Ethernet PCI SiS; C:\WINDOWS\system32\DRIVERS\sisnic.sys [2004-08-03 32768]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S1 276159;276159; \??\C:\WINDOWS\system32\drivers\276159.SYS []
S1 3944B;3944B; \??\C:\WINDOWS\system32\drivers\3944B.SYS []
S1 74f80;74f80; \??\C:\WINDOWS\system32\drivers\74f80.SYS []
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S2 15d4C;15d4C; \??\C:\WINDOWS\system32\drivers\15d4C.SYS []
S2 7a181;7a181; \??\C:\WINDOWS\system32\drivers\7a181.SYS []
S2 f2115A;f2115A; \??\C:\WINDOWS\system32\drivers\f2115A.SYS []
S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys); C:\WINDOWS\System32\Drivers\e4ldr.sys [2006-03-02 63555]
S2 Ndiskio;Ndiskio; \??\c:
orman
se\bin
diskio.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-02-11 696284]
S3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\basic2.sys []
S3 Bridge;Pont MAC; C:\WINDOWS\System32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BridgeMP;Miniport de pont MAC; C:\WINDOWS\System32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\HardwareDetection\driverhardwarev2.sys []
S3 e4usbaw;USB ADSL2 WAN Adapter; C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [2006-05-04 114616]
S3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879]
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\WINDOWS\system32\4.tmp []
S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096]
S3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERSksample.sys []
S3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\System32\DRIVERS\R8139n51.SYS [2002-10-04 46976]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TPP200;USB Storage Adapter V2 (TPP); C:\WINDOWS\System32\DRIVERS\TPP200.SYS [2001-06-29 32877]
S3 usb_rndis;Broadcom USB Remote NDIS Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800]
S3 USB28xxBGA;USB 2870 Device; C:\WINDOWS\system32\DRIVERS\emBDA.sys [2006-09-12 292864]
S3 USB28xxOEM;USB 28xx OEM Filter; C:\WINDOWS\system32\DRIVERS\emOEM.sys [2006-08-21 7168]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys []
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 BsUDF;InCD UDF Driver; C:\WINDOWS\system32\drivers\BsUDF.sys [2003-01-15 468480]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-11-06 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-11-06 151297]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 SNMP;Service SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 33280]
S2 a2free;a-squared Free Service; c:\program files\a-squared free\a2service.exe []
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2003-02-06 110677]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 FTRTSVC;France Telecom Routing Table Service; C:\WINDOWS\System32\FTRTSVC.exe []
S2 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe []
S2 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe []
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2007-04-01 69120]
S3 DUGK;DUGK; C:\DOCUME~1\SEVELL~1\LOCALS~1\Temp\DUGK.exe []
S3 EADENP;EADENP; C:\DOCUME~1\SEVELL~1\LOCALS~1\Temp\EADENP.exe []
S3 fahhdgotgvfk;fahhdgotgvfk; C:\WINDOWS\system32\drivers\fahhdgotgvfk.sys [2007-10-19 8576]
S3 fbvaksquavkk;fbvaksquavkk; C:\WINDOWS\system32\drivers\fbvaksquavkk.sys [2008-02-17 8576]
S3 GLCYUQVCP;GLCYUQVCP; C:\DOCUME~1\SEVELL~1\LOCALS~1\Temp\GLCYUQVCP.exe []
S3 honvbjlccwyj;honvbjlccwyj; C:\WINDOWS\system32\drivers\honvbjlccwyj.sys [2008-02-05 8576]
S3 NGKXTTJZH;NGKXTTJZH; C:\DOCUME~1\SEVELL~1\LOCALS~1\Temp\NGKXTTJZH.exe []
S3 Norman NJeeves;Norman NJeeves; C:\Norman\bin\NJEEVES.EXE []
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [2002-11-27 65536]
S3 SNMPTRAP;Service d'interruption SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 XKWLUDLHNTUOOW;XKWLUDLHNTUOOW; C:\DOCUME~1\SEVELL~1\LOCALS~1\Temp\XKWLUDLHNTUOOW.exe []
S4 Norman ZANDA;Norman ZANDA; C:\Norman\bin\ZANDA.EXE []

-----------------EOF-----------------

junon16 · Answer

3 ème rapport
info.txt logfile of random's system information tool 1.05 2009-01-07 18:30:40

======Uninstall list======

-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->C:\Program Files\Nero\Nero 7
ero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
Adobe® Photoshop® Album Edition Découverte 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
Ad-remover-->C:\Program Files\Ad-remover\Uninstal.exe
Ahead InCD-->C:\WINDOWS\NuNInst.exe /UNINSTALL
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" 
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Atlantis 2-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Cryo Interactive Entertainment\Atlantis II\Uninst.isu"
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Bel Atout 4.20-->"C:\Program Files\Jeux de cartes\Bel Atout\unins000.exe"
BlazeDTV 2.0-->"C:\Program Files\BlazeVideo\BlazeDTV2.0\unins000.exe"
CA Yahoo! Anti-Spy (remove only)-->"C:\Program Files\CA Yahoo! Anti-Spy\uninstall.exe"
Cartes de visite-->C:\PROGRA~1\Imprimer\UNWISE.EXE C:\PROGRA~1\Imprimer\INSTALL.LOG
Cartes de Visite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888DF9D4-876E-11D7-B60C-00C04F4351FF}\setup.exe" -l0x40c 
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
C-Media WDM Audio Driver-->C:\WINDOWS\system32\cmirmdrv.exe
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Complément Microsoft Word pour Microsoft Works Suite-->MsiExec.exe /I{F6B1CD0F-DB2D-4666-A168-C46390AD8C4A}
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Disque de souvenirs HP-->MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
Dungeon Ke-->C:\WINDOWS\unin040c.exe -fC:\WI
Dungeon Keeper Theme Pack-->C:\WINDOWS\uninst.exe -f"C:\WINDOWS\Bullfrog\Keeper Theme\DeIsL1.isu"
Encyclopédie Microsoft Encarta 2003-->MsiExec.exe /I{03460014-3975-4267-9F39-1DC4745090B7}
Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
Extension Système de Microsoft Money-->MsiExec.exe /I{02CA7E66-1AD1-4DE9-BA9E-86A0EEB019C7}
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Heredis 8-->C:\WINDOWS\unvise32.exe C:\Program Files\Heredis 8\uninstal.log
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Image Resizer Powertoy for Windows XP-->MsiExec.exe /I{1CB92574-96F2-467B-B793-5CEB35C40C29}
InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
InterVideo WinDVD 4-->"C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LBreakout2 2.4.1-->"C:\Program Files\lbreakout2\unins000.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft AutoRoute 2002-->MsiExec.exe /I{F7F2DC0A-C22E-49AD-AD37-797309A54E7B}
Microsoft Carioca-->MsiExec.exe /I{49D70E70-23CB-4BE5-8A67-8770F6B1BB2F}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Money-->MsiExec.exe /I{01A2E33A-8ADA-42D1-9173-8F65149E952F}
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2000 SR-1 Disque 2-->MsiExec.exe /I{0004040C-78E1-11D2-B60F-006097C998E7}
Microsoft Office 2000 SR-1 Small Business-->MsiExec.exe /I{0003040C-78E1-11D2-B60F-006097C998E7}
Microsoft Picture It! Photo 7.0-->MsiExec.exe /I{369B36BE-3D64-4641-9AEA-808D436FE132}
Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}
Microsoft Word Viewer 97-->C:\Program Files\WordView\install\install.exe
Microsoft Works 7.0-->MsiExec.exe /I{64D114CE-4234-45C2-B60A-2B07D5A48F72}
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Monopoly pour Windows 9x/NT Version 1.7-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\Ihsv\Monopoly\DeIsL3.isu"  -cC:\PROGRA~1\Ihsv\Monopoly\_ISREG32.DLL
MSP3885-E 56K PCI Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F00&SUBSYS_8D88122D\HxfSETUP.EXE -U -IVEN_14F1&DEV_2F00&SUBSYS_8D88122D
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Navale 2.1.0.0-->"C:\Program Files\SoftChris\Navale\unins000.exe"
Navilog1 3.7.1-->"C:\Program Files\Navilog1\unins000.exe"
Nero - Burning Rom-->MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}
Nero 7 Demo-->MsiExec.exe /I{C985153C-3801-EB63-1432-088E71801036}
Objective Tarot-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\Objective Tarot\DeIsL1.isu"  -c"C:\Program Files\Objective Tarot\_ISREG32.DLL"
OLITEC PCI V92 V4 Modem-->agrsmdel
Pharaon-->C:\WINDOWS\IsUn040c.exe -fC:\SIERRA\Pharaon\Uninst.isu
Photo et imagerie HP 2.0 - All-in-One Pilote-->MsiExec.exe /X{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}
Photo et imagerie HP 2.0 - All-in-One-->MsiExec.exe /X{9867A917-5D17-40DE-83BA-BEA5293194B1}
SAGEM F@st 800-840-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe" -l0x40c 
Sélecteur d'installation de Microsoft Works Suite 2003-->C:\Program Files\Microsoft Works Suite 2003\Setup\Launcher.exe C:\Works\
SFR - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
SimCity 2000® Collection CD-->C:\WINDOWS\unin040c.exe -f"C:\Fichiers programmes\Maxis\SimCity 2000\DeIsL1.isu"
Sons Microsoft Office-->MsiExec.exe /I{10CE1EA2-12E9-11D3-825E-00C04F6843FE}
Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
Super Mastermind-->C:\Program Files\Super Mastermind\Uninstal.exe
TchecMeet-->C:\Program Files\TchecMeet\Uninstal.exe
Unlocker 1.7.3-->C:\Program Files\Unlocker\uninst.exe
USB Storage Adapter V2 (TPP)-->tppun.exe TPP200
VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Virtual Magnifying Glass-->"C:\Program Files\Virtual Magnifying Glass\uninstall.exe"
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Live Sign-in Assistant-->MsiExec.exe /I{F652D238-5F29-42D5-BAF3-0115EF977EC2}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WJChess2D-->C:\PROGRA~1\JeffProd\WJCHES~1\UNWISE.EXE C:\PROGRA~1\JeffProd\WJCHES~1\INSTALL.LOG
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

======Hosts File======

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com

======Security center information======

AV: Avira AntiVir PersonalEdition

System event log

Computer Name: FRANCOISE
Event Code: 26
Message: Application popup :  : Machine Check: Regs

Record Number: 52062
Source Name: Application Popup
Time Written: 20081228111639.000000+060
Event Type: Informations
User: 

Computer Name: FRANCOISE
Event Code: 26
Message: Application popup :  : Machine Check:

Record Number: 52061
Source Name: Application Popup
Time Written: 20081228111639.000000+060
Event Type: Informations
User: 

Computer Name: FRANCOISE
Event Code: 26
Message: Application popup :  : Machine Check: Regs

Record Number: 52060
Source Name: Application Popup
Time Written: 20081228111639.000000+060
Event Type: Informations
User: 

Computer Name: FRANCOISE
Event Code: 26
Message: Application popup :  : Machine Check:

Record Number: 52059
Source Name: Application Popup
Time Written: 20081228111639.000000+060
Event Type: Informations
User: 

Computer Name: FRANCOISE
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.

Record Number: 52058
Source Name: EventLog
Time Written: 20081228111627.000000+060
Event Type: Informations
User: 

Application event log

Computer Name: FRANCOISE
Event Code: 1004
Message: Échec de détection du produit '{A4D7B764-4140-11D4-88EB-0050DA3579C0}', fonctionnalité 'GeneralFiles', composant '{71A56002-C0C8-4450-834A-9D165C752BBC}. La ressource 'C:\Program Files\Ahead\Shared\AudioPlugins\' n'existe pas

Record Number: 4309
Source Name: MsiInstaller
Time Written: 20080219185401.000000+060
Event Type: Avertissement
User: FRANCOISE\SEVELLEC Françoise

Computer Name: FRANCOISE
Event Code: 1001
Message: Échec de détection du produit '{A4D7B764-4140-11D4-88EB-0050DA3579C0}', fonctionnalité 'GeneralFiles' lors de la demande du composant '{22056900-C842-11D1-A0DD-00A0C9054277}'

Record Number: 4308
Source Name: MsiInstaller
Time Written: 20080219185329.000000+060
Event Type: Avertissement
User: FRANCOISE\SEVELLEC Françoise

Computer Name: FRANCOISE
Event Code: 1004
Message: Échec de détection du produit '{A4D7B764-4140-11D4-88EB-0050DA3579C0}', fonctionnalité 'GeneralFiles', composant '{71A56002-C0C8-4450-834A-9D165C752BBC}. La ressource 'C:\Program Files\Ahead\Shared\AudioPlugins\' n'existe pas

Record Number: 4307
Source Name: MsiInstaller
Time Written: 20080219185329.000000+060
Event Type: Avertissement
User: FRANCOISE\SEVELLEC Françoise

Computer Name: FRANCOISE
Event Code: 1001
Message: Échec de détection du produit '{A4D7B764-4140-11D4-88EB-0050DA3579C0}', fonctionnalité 'GeneralFiles' lors de la demande du composant '{22056900-C842-11D1-A0DD-00A0C9054277}'

Record Number: 4306
Source Name: MsiInstaller
Time Written: 20080219185327.000000+060
Event Type: Avertissement
User: FRANCOISE\SEVELLEC Françoise

Computer Name: FRANCOISE
Event Code: 1004
Message: Échec de détection du produit '{A4D7B764-4140-11D4-88EB-0050DA3579C0}', fonctionnalité 'GeneralFiles', composant '{71A56002-C0C8-4450-834A-9D165C752BBC}. La ressource 'C:\Program Files\Ahead\Shared\AudioPlugins\' n'existe pas

Record Number: 4305
Source Name: MsiInstaller
Time Written: 20080219185327.000000+060
Event Type: Avertissement
User: FRANCOISE\SEVELLEC Françoise

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=1
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\ATI-CPanel
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
"PROCESSOR_LEVEL"=6
"PROCESSOR_REVISION"=0801
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%

-----------------EOF-----------------
mon systeme rame et les messages que je te transmets sont long

plopus · Answer

re

telecharge hostxpert
https://www.clubic.com/telecharger-fiche185974-hostsxpert.html
execute le en administrateur le scan se lance seul  une fois terminé clik sur      restore MS hosts...   a gauche

puis reposte un rapport RSIT tu poste les 2 rapport

plopus · Answer

bon Boonty game est toujours la...

essaye de telecharger et installer malwarebyte
http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebytes anti malware

met le a jour et fais un scan complets si il trouves des virus supprimes les tous


puis fais un scan en ligne ici et efface toutes le infections

http://www.bitdefender.fr/scan_fr/scan8/ie.html

et poste les 2 rapports stp

junon16 · Answer

rappot1
Malwarebytes' Anti-Malware 1.32
Version de la base de données: 1626
Windows 5.1.2600 Service Pack 3

08/01/2009 13:50:37
mbam-log-2009-01-08 (13-50-30).txt

Type de recherche: Examen rapide
Eléments examinés: 56923
Temps écoulé: 10 minute(s), 36 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Program Files\eoRezo (Rogue.Eorezo) -> No action taken.

junon16 · Answer

3 eme rapport
Malwarebytes' Anti-Malware 1.32
Version de la base de données: 1626
Windows 5.1.2600 Service Pack 3

08/01/2009 13:50:37
mbam-log-2009-01-08 (13-50-30).txt

Type de recherche: Examen rapide
Eléments examinés: 56923
Temps écoulé: 10 minute(s), 36 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Program Files\eoRezo (Rogue.Eorezo) -> No action taken.

plopus · Answer

re 

tu as supprimer l'infection trouvées par malware byte (le rogue) supprime le dans la quarantaine

puis la plupart des infections trouvées par rootkitrevelateur sont dans la restaurations systeme  a part les 3premieres

reposte un rapport hijackthis stp

plopus · Answer

va dans demarrer/executer tape MSCONFIG puis dans la nouvelle fenetre va dans l'onglet demarrage et cherche dans la liste BOONTY et tu désactive en decochant la case a gauche ensuite tu met appliquer (il se peut qu' au prochain demmarrage tu auras 1 message te disant que tu demarre en mode selectif coche la case pour ne + avoir ce message et met ok)

ensuite

relance hijackthis choisit DO A SCAN ONLY et coche les case a gauche des lignes :


O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

O23 - Service: DUGK - Unknown owner - C:\DOCUME~1\SEVELL~1\LOCALS~1\Temp\DUGK.exe (file missing)

O23 - Service: EADENP - Unknown owner - C:\DOCUME~1\SEVELL~1\LOCALS~1\Temp\EADENP.exe (file missing)
	
Genre

O23 - Service: GLCYUQVCP - Unknown owner - C:\DOCUME~1\SEVELL~1\LOCALS~1\Temp\GLCYUQVCP.exe (file missing)

O23 - Service: NGKXTTJZH - Unknown owner - C:\DOCUME~1\SEVELL~1\LOCALS~1\Temp\NGKXTTJZH.exe (file missing)

O23 - Service: XKWLUDLHNTUOOW - Unknown owner - C:\DOCUME~1\SEVELL~1\LOCALS~1\Temp\XKWLUDLHNTUOOW.exe (file missing)


puis ferme toutes tes applications deconnecte toi d'internet et clik sur fix checked en bas


ensuite

Dans Ajout/Suppression de programmes du panneau de configuration, désinstalle si présent :
BOONTY
FunWebProducts

puis

-- Ouvre le poste de travail
-- Clic sur le menu outils en haut à droite puis options des dossiers
-- Dans la nouvelle fenêtre, clic sur l'onglet Affichage en haut
-- Coche dans la liste "Afficher les fichiers cachés"
-- Décoche "Masquer les fichiers du système"

puis

Supprime ces dossiers si les trouves :
C:\Program Files\Boonty
C:\Program Files\BoontyGames
C:\Program Files\FunWebProducts
C:\Program Files\Spin2Win Casino
C:\Program Files\fichiers communs\BOONTY Shared
C:\Program Files\common files\CasinoVegasShared 

si tu n'arrive pas a les supprimes redemarre ton PC et au bip tu tapote F8 et selectionne le mode sans echec et réessaye

puis telecharge CCleaner et insatlle le (logiciel a garder)
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

puis nettoie au moins 2fois tes fichiers temporaires et ton registre jusqu'a trouver 0erreur

puis redemarre ton PC et refait un rapport hijackthis stp

plopus · Answer

as tu fait sa :

Dans Ajout/Suppression de programmes du panneau de configuration, désinstalle si présent :
BOONTY
FunWebProducts

puis

-- Ouvre le poste de travail
-- Clic sur le menu outils en haut à droite puis options des dossiers
-- Dans la nouvelle fenêtre, clic sur l'onglet Affichage en haut
-- Coche dans la liste "Afficher les fichiers cachés"
-- Décoche "Masquer les fichiers du système"

puis

Supprime ces dossiers si tu les trouves :
C:\Program Files\Boonty
C:\Program Files\BoontyGames
C:\Program Files\FunWebProducts
C:\Program Files\Spin2Win Casino
C:\Program Files\fichiers communs\BOONTY Shared
C:\Program Files\common files\CasinoVegasShared

si tu n'arrive pas a les supprimes redemarre ton PC et au bip tu tapote F8 et selectionne le mode sans echec et réessaye 

et reposte un hijackthis

plopus · Answer

re tu as fix les lignes demandé au poste 26 

as tu essayé d'effacé boonty game en mode sans echec car en normal c'etait presque sur que sa serai refusé

Hidden rootkit

21 réponses

Discussions similaires

Newsletters