Win32 trojan-gen other

Solved/Closed
ice-man90 Posts: 44 Registration date: Friday 6 April 2007 Status: Member Last activity: 25 January 2008 - 6 April 2007 at 19:19
Regis59 Posts: 21143 Registration date: Tuesday 27 June 2006 Status: Security contributor Last activity: 22 June 2016 - 19 April 2007 at 23:01
Hello, I'm new to the site and already have a problem to put to you. I'm on XP and for some time now (on Sundays) I have been getting avast alerts about a virus, Win32 trojan-gen other, every 10 minutes. I'm looking for a solution, but I'm not very good with computers, so you will need to keep it very simple with me. Thanks.

48 replies

Regis59 Posts: 21143 Registration date: Tuesday 27 June 2006 Status: Security contributor Last activity: 22 June 2016 1 320
7 April 2007 at 16:15
Hi

Download HijackThis here:
http://telechargement.zebulon.fr/138-hijackthis-1991.html

Unzip it into a folder created for that purpose.
For example C:\hijackthis < Be sure to save it in C: !
Demo: (Thanks to Balltrap34 for making this)
http://pageperso.aol.fr/balltrap34/Hijenr.gif

Run it, then:
click on "do a system scan and save logfile" (see the demo)
copy and paste the entire log onto the forum

Demo: (Thanks to Balltrap34 for making this)
http://pageperso.aol.fr/balltrap34/demohijack.htm

Good luck

See you
0
ice-man90 Posts: 44 Registration date: Friday 6 April 2007 Status: Member Last activity: 25 January 2008
8 April 2007 at 13:22
Logfile of HijackThis v1.99.1
Scan saved at 13:21:37, on 08/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\a-squared free\a2service.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe
C:\Nouveau dossier\HijackThis.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender9\bdswitch.exe
O4 - HKLM\..\Run: [Realtime Audio Engine] mmrtkrnl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NI.UWA6PV_0001_N91M2107] "D:\telechargement\WinAntiVirusPro2006FreeInstall_fr.exe" -nag
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?286a43ff248c4e69a7ac2f7ca468a4d5
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?286a43ff248c4e69a7ac2f7ca468a4d5
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://ice-manice-man90.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0,0,23/mcgdmgr.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NkPtpEnumP2 - Unknown owner - C:\Program Files\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe" -a -d="C:\Program Files\Nikon\Wireless Camera Setup Utility\NkPtpip.dll (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
0
ice-man90 Posts: 44 Registration date: Friday 6 April 2007 Status: Member Last activity: 25 January 2008
8 April 2007 at 13:29
There, I think I managed to do what you wanted, but I'm not very sure. I'm waiting impatiently, thanks. And like every Sunday my virus is back; here is what avast tells me, in case it helps:
C:\WINDOWS\system32\usb496.dat Win32: Trojan-gen. {Other} Virus/Ver 000731-0, 06/04/2007
0
Regis59 Posts: 21143 Registration date: Tuesday 27 June 2006 Status: Security contributor Last activity: 22 June 2016 1 320
8 April 2007 at 20:49
Hi;

- Download clean.zip
http://www.malekal.com/download/clean.zip
Unzip it onto your desktop (right-click / extract all); you should get a folder named clean.

¤ Boot into safe mode:
To do this, tap the F8 key repeatedly, without stopping, as soon as the PC starts powering on.
A window will open; use the keyboard arrows to move to "start in safe mode", then press Enter.
Once on the desktop, if not all the colours and so on are there, that's normal!
(If F8 does not work, use the F5 key.)


Double-click this clean folder; inside it you will find several files.
Double-click clean. This will open a black window.
A menu will appear; choose option 2 by pressing the 2 key on your keyboard.
Clean will do its work.
A report will be generated; save it, restart in normal mode and paste its entire contents here.

See you
0
ice-man90 Posts: 44 Registration date: Friday 6 April 2007 Status: Member Last activity: 25 January 2008
9 April 2007 at 11:32
Hi, here is the clean report, and thanks again
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Option 2, executee le 09/04/2007 a 11:10:57,18

Microsoft Windows XP [version 5.1.2600]

*** Suppression de fichiers sur C:

*** Suppression des fichiers dans C:\WINDOWS\
tentative de suppression de C:\WINDOWS\temp\mc???.tmp
Impossible de supprimer C:\WINDOWS\temp\mc???.tmp

*** Suppression des fichiers dans C:\WINDOWS\system32

tentative de suppression de "C:\Program Files\DivX\Google\Firefox\ffinstaller.exe"
tentative de suppression de "C:\Program Files\InternetGameBox\"

*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
0
Regis59 Posts: 21143 Registration date: Tuesday 27 June 2006 Status: Security contributor Last activity: 22 June 2016 1 320
9 April 2007 at 19:02
Hi

Run this:

Clean Up 40:
http://pageperso.aol.fr/balltrap34/CleanUp40.exe
- illustrated help (thanks to Balltrap34):
http://pageperso.aol.fr/balltrap34/democleanup.htm

Then,

Read the contents of the following link:
http://www.f-secure.com/products/license-terms/eult_fra.pdf
You have thus read and accepted the terms of use of the blacklight program, which is included in the navilog1.zip archive that you are about to download.
Now right-click on this link:
http://perso.orange.fr/il.mafioso/Navifix/navilog1.zip
Save target (link) as... and save it to your desktop.
Right-click navilog1.zip and choose "extract all"
Then double-click navilog1.bat
Let it guide you. At the main menu, choose 1 and confirm.
(do not choose option 2 without our advice/agreement)
Wait for the message:
*** Analyse Termine le ..... ***
Press a key as requested; Notepad will open.
Copy and paste the whole thing into a reply. Close Notepad.
The report is also saved at the root of the disk (fixnavi.txt)

If you have any comments at all, don't hesitate!

See you
0

ice-man90 Posts: 44 Registration date: Friday 6 April 2007 Status: Member Last activity: 25 January 2008
10 April 2007 at 10:38
Hi, here is the CleanUp report
CleanUp! started on 04/10/07 10:33:39.
...
C:\Documents and Settings\christophe\Application Data\Microsoft\Office\fbc17.tmp - deleted
C:\Documents and Settings\christophe\Application Data\Microsoft\Office\Récent\index.dat - deleted
C:\Documents and Settings\christophe\Application Data\Mozilla\Firefox\Profiles\x4ln1jri.default\bookmarks.bak - deleted
C:\Documents and Settings\christophe\Application Data\Mozilla\Firefox\Profiles\x4ln1jri.default\bookmarks.html.sbsd.bak - deleted
C:\Documents and Settings\christophe\Application Data\Mozilla\Firefox\Profiles\x4ln1jri.default\sessionstore.bak - deleted
C:\Documents and Settings\christophe\Application Data\Player Orange\Data\DataBase.bak - deleted
C:\Documents and Settings\christophe\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\christophe\Favoris\~~Suzuki - La Gamme ~~.url - deleted
C:\Documents and Settings\christophe\Local Settings\Application Data\Microsoft\Desktop Search\Applications\RSApp\Properties\MSS.chk - deleted
C:\Documents and Settings\christophe\Local Settings\Application Data\Microsoft\Desktop Search\Temp\rssgthrsvc\Ntf1.tmp currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\christophe\Local Settings\Application Data\Microsoft\Desktop Search\Temp\rssgthrsvc\Ntf2.tmp currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\christophe\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat - deleted
C:\Documents and Settings\christophe\Local Settings\Application Data\Microsoft\Messenger\cathy.ropp@hotmail.fr\SharingMetadata\volume.xml~ - deleted
C:\Documents and Settings\christophe\Local Settings\Application Data\Microsoft\Messenger\cathy.ropp@hotmail.fr\SharingMetadata\Working\database_6A88_44CE_8844_9B09\fsr.chk - deleted
C:\Documents and Settings\christophe\Local Settings\Application Data\Microsoft\Messenger\christophe.millotte@wanadoo.fr\SharingMetadata\volume.xml~ - deleted
C:\Documents and Settings\christophe\Local Settings\Application Data\Microsoft\Messenger\christophe.millotte@wanadoo.fr\SharingMetadata\Working\database_6A88_44CE_8844_9B09\fsr.chk - deleted
C:\Documents and Settings\christophe\Local Settings\Application Data\Microsoft\Messenger\consolle@hotmail.fr\SharingMetadata\volume.xml~ - deleted
C:\Documents and Settings\christophe\Local Settings\Application Data\Microsoft\Messenger\consolle@hotmail.fr\SharingMetadata\Working\database_6A88_44CE_8844_9B09\fsr.chk - deleted
C:\Documents and Settings\christophe\Local Settings\Application Data\Microsoft\Messenger\ice-man90@hotmail.fr\SharingMetadata\volume.xml~ - deleted
C:\Documents and Settings\christophe\Local Settings\Application Data\Microsoft\Messenger\ice-man90@hotmail.fr\SharingMetadata\Working\database_6A88_44CE_8844_9B09\fsr.chk - deleted
C:\Documents and Settings\christophe\Local Settings\Historique\History.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\christophe\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\christophe\Mes documents\~$otos Fanny.doc - deleted
C:\Documents and Settings\christophe\Mes documents\Ma musique\Sauvegarde de la licence\drmv1key.bak - deleted
C:\Documents and Settings\christophe\Mes documents\Ma musique\Sauvegarde de la licence\drmv1lic.bak - deleted
C:\Documents and Settings\christophe\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak - deleted
C:\Documents and Settings\christophe\Mes documents\Ma musique\Sauvegarde de la licence\drmv2lic.bak - deleted
C:\Documents and Settings\christophe\UserData\index.dat - deleted
C:\Documents and Settings\Default User\Local Settings\Historique\History.IE5\index.dat - deleted
C:\Documents and Settings\LocalService\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\MSHist012006051620060517\index.dat - deleted
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\MSHist012006051820060519\index.dat - deleted
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\MSHist012006052520060526\index.dat - deleted
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\MSHist012006060120060602\index.dat - deleted
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\MSHist012006060820060609\index.dat - deleted
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\MSHist012006061520060616\index.dat - deleted
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\MSHist012006062020060621\index.dat - deleted
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\MSHist012006062120060622\index.dat - deleted
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\MSHist012006062620060627\index.dat - deleted
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\MSHist012006062820060629\index.dat - deleted
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\MSHist012006062920060630\index.dat - deleted
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\MSHist012006080220060803\index.dat - deleted
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\MSHist012006080420060805\index.dat - deleted
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\MSHist012006082320060824\index.dat - deleted
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\MSHist012006111420061115\index.dat - deleted
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\MSHist012007011520070116\index.dat - deleted
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Program Files\eMule\downloads.bak - deleted
C:\Program Files\eMule\config\clients.met.bak - deleted
C:\Program Files\eMule\config\eMule Light.tmpl - deleted
C:\Program Files\eMule\config\eMule.tmpl - deleted
C:\Program Files\eMule\Temp\002.part.met.bak - deleted
C:\Program Files\eMule\Temp\010.part.met.bak - deleted
C:\Program Files\eMule\Temp\020.part.met.bak - deleted
C:\Program Files\eMule\Temp\Charm-rec.tmp - deleted
C:\Program Files\eMule\Temp\Danny-rec.tmp - deleted
C:\Program Files\eMule\Temp\Starg-rec.tmp - deleted
C:\Program Files\Internet Explorer\eMule\downloads.bak - deleted
C:\Program Files\Internet Explorer\eMule\eMule_Chicane.tmpl - deleted
C:\Program Files\Internet Explorer\eMule\eMule.tmpl - deleted
C:\Program Files\Internet Explorer\eMule\config\clients.met.bak - deleted
C:\Program Files\Mozilla Firefox\freebl3.chk - deleted
C:\Program Files\Mozilla Firefox\softokn3.chk - deleted
C:\Program Files\Orange\Player Orange\data\RentedDataBase.bak - deleted
C:\Program Files\WinRAR\Patch.exe.BAK - deleted
C:\Program Files\WinRAR\Rar.exe.BAK - deleted
C:\Program Files\WinRAR\WinRAR.exe.BAK - deleted
C:\WINDOWS\imsins.BAK - deleted
C:\WINDOWS\Debug\UserMode\userenv.bak - deleted
C:\WINDOWS\inf\mplayer2.bak - deleted
C:\WINDOWS\Installer\MSI10.tmp - deleted
C:\WINDOWS\Installer\MSI11.tmp - deleted
C:\WINDOWS\Installer\MSI19.tmp - deleted
C:\WINDOWS\Installer\MSI1A.tmp - deleted
C:\WINDOWS\Installer\MSI2A.tmp - deleted
C:\WINDOWS\Installer\MSI2B.tmp - deleted
C:\WINDOWS\Installer\MSI33.tmp - deleted
C:\WINDOWS\Installer\MSI34.tmp - deleted
C:\WINDOWS\Installer\MSI5.tmp - deleted
C:\WINDOWS\Installer\MSI6.tmp - deleted
C:\WINDOWS\Installer\MSI7B.tmp - deleted
C:\WINDOWS\Installer\MSI7C.tmp - deleted
C:\WINDOWS\Installer\MSI85.tmp - deleted
C:\WINDOWS\Installer\MSI86.tmp - deleted
C:\WINDOWS\Installer\MSI91.tmp - deleted
C:\WINDOWS\Installer\MSI92.tmp - deleted
C:\WINDOWS\Installer\MSI98.tmp - deleted
C:\WINDOWS\Installer\MSI99.tmp - deleted
C:\WINDOWS\Installer\MSIE.tmp - deleted
C:\WINDOWS\Installer\MSIF.tmp - deleted
C:\WINDOWS\PCHealth\HelpCtr\Config\Cache\Professional_32_1036.dat.bak - deleted
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\index.dat - deleted
C:\WINDOWS\Resources\Themes\Luna\luna.msstyles - deleted
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\MST21.tmp - deleted
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.chk - deleted
C:\WINDOWS\system32\CONFIG.TMP - deleted
C:\WINDOWS\system32\setb6.tmp - deleted
C:\WINDOWS\system32\SETB7.tmp - deleted
C:\WINDOWS\system32\SETC3.tmp - deleted
C:\WINDOWS\system32\SETCC.tmp - deleted
C:\WINDOWS\system32\SETCD.tmp - deleted
C:\WINDOWS\system32\SETCE.tmp - deleted
C:\WINDOWS\system32\SETD1.tmp - deleted
C:\WINDOWS\system32\CatRoot2\edb.chk - deleted
C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat - deleted
C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat - deleted
C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012006051620060517\index.dat - deleted
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - deleted
C:\WINDOWS\system32\usmt\migwiz.exe.manifest - deleted
Emptied Recycle Bin on drive C:
Emptied Recycle Bin on drive E:
'Run MRU' list - removed from the registry.
Paint Recent File List - removed from the registry.
Telnet's MRU list - removed from the registry.
CleanUp! 4.0 recovered 2.68 GB of disk space from 2822 files. Wow! You really needed that.
CleanUp! finished on 04/10/07 10:35:38.
0
ice-man90 Posts 44 Registration date Friday 6 April 2007 Status Member Last post 25 January 2008
10 April 2007 at 10:56
Search Navipromo version 1.1.3 commencé le 10/04/2007 à 10:46:04,75

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

Fix lancé depuis C:\Nouveau dossier
Mise a jour le 31.03.2007 a 08h00 by IL-MAFIOSO

Executé en mode normal

*** Recherche Programmes installes ***




*** Recherche dossiers dans C:\WINDOWS ***




*** Recherche dossiers dans C:\Program Files ***




*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***




*** Recherche dossiers dans C:\Documents and Settings\christophe\Application Data ***



*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
https://www.f-secure.com/en

Fichier(s) caché(s) dans C:\WINDOWS\system32 :

c:\WINDOWS\system32\dgteib.dat
C:\windows\system32\dgteib.exe
c:\WINDOWS\system32\dgteib_nav.dat
c:\WINDOWS\system32\dgteib_navps.dat

Processus caché(s) dans C:\WINDOWS\system32 :

C:\windows\system32\dgteib.exe


*** Recherche fichiers ***


C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\system32\nvs2.inf trouvé !


*** Recherche cles registre ***


Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]



Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]



Recherche Clé Magic Control

HKEY_CURRENT_USER\Software\Lanconfig trouvé !
HKEY_USERS\S-1-5-21-1060284298-746137067-2147052819-1003\Software\Lanconfig trouvé !


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:


2)Recherche Heuristique :
*
C:\WINDOWS\system32\dgteib.dat trouvé !
**
C:\WINDOWS\system32\dgteib.dat trouvé !
***
****
*****
******
*******
C:\WINDOWS\system32\dgteib.exe trouvé !
********
C:\WINDOWS\system32\dgteib.exe trouvé !


*** Analyse Terminé le 10/04/2007 à 10:53:17,31 ***
0
Regis59 Posts 21143 Registration date Tuesday 27 June 2006 Status Security contributor Last post 22 June 2016 1 320
10 April 2007 at 17:43
Hi

¤ Boot into safe mode:
To do this, tap the F8 key repeatedly, without stopping, as soon as the PC starts up.
A window will open; use the keyboard arrow keys to move to "start in safe mode", then press Enter.
Once on the desktop, it is normal if not all the colours and so on are there!
(If F8 does not work, use the F5 key.)

Double-click navilog1.bat
Follow the prompts. At the main menu, choose 2 and confirm.
Select the "automatic" cleaning mode
Follow the prompts and answer any questions that come up
Your desktop will disappear; that is normal.
Wait until the message:
*** Nettoyage Termine le ..... ***
Press a key as requested; Notepad will open.
Save the report somewhere you can find it again
Close Notepad. Your desktop will reappear
Restart normally and copy and paste the whole report into a reply.
The report is also saved at the root of the disk (cleannavi.txt)

PS: If your desktop does not reappear, press CTRL+ALT+DEL to open Task Manager.
Then go to the "Processes" tab. Click "File" at the top left and choose "Run"
Type explorer and confirm. That will bring your desktop back
0
ice-man90 Posts 44 Registration date Friday 6 April 2007 Status Member Last post 25 January 2008
10 April 2007 at 18:17
Hi, here is the report
Clean Navipromo version 1.1.3 commencé le 10/04/2007 à 18:07:00,00

Fix lancé depuis C:\Nouveau dossier
Mise a jour le 31.03.2007 a 08h00 by IL-MAFIOSO

Executé en mode sans echec

Mode suppression automatique avec prise en charge résultats Blacklight

*** Creation backups fichiers trouvés par Blacklight ***

Copie vers "C:\Nouveau dossier\Backupnavi"


*** Suppression des fichiers trouvés avec Blacklight ***

c:\WINDOWS\system32\dgteib.dat supprimé !
C:\windows\system32\dgteib.exe supprimé !
c:\WINDOWS\system32\dgteib_nav.dat supprimé !
c:\WINDOWS\system32\dgteib_navps.dat supprimé !

** 2ème passage **

C:\WINDOWS\system32\dgteib.exe absent !
C:\WINDOWS\system32\dgteib.dat absent !
C:\WINDOWS\system32\dgteib_nav.dat absent !
C:\WINDOWS\system32\dgteib_navps.dat absent !
C:\WINDOWS\system32\dgteib_navup.dat absent !
C:\WINDOWS\system32\dgteib_navtmp.dat absent !
C:\WINDOWS\system32\dgteib_m2s.xml absent !


C:\WINDOWS\prefetch\dgteib*.pf trouvé !
Copie C:\WINDOWS\prefetch\dgteib*.pf réalisé avec succès !
C:\WINDOWS\prefetch\dgteib*.pf supprimé !

*** Suppression dossiers dans C:\WINDOWS ***


*** Suppression dossiers dans C:\Program Files ***


*** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***


*** Suppression dossiers dans C:\Documents and Settings\christophe\Application Data ***



*** Suppression fichiers ***

C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32\nvs2.inf supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\christophe\Local Settings\Temp effectué !


*** Sauvegarde du registre vers dossier Backupnavi***


sauvegarde du registre réalisé avec succès !


*** Nettoyage registre ***


Nettoyage registre Ok

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:


2)Recherche et Suppression Heuristique :

*
**
***
****
*****
******
*******
********

*** Nettoyage termine le 10/04/2007 à 18:07:53,69 ***
0
Regis59 Posts 21143 Registration date Tuesday 27 June 2006 Status Security contributor Last post 22 June 2016 1 320
10 April 2007 at 22:20
Hi

Post a new HijackThis log and tell me where things stand with your problems

See you
0
ice-man90 Posts 44 Registration date Friday 6 April 2007 Status Member Last post 25 January 2008
11 April 2007 at 08:42
Hi, I don't know what you think of it, here is the report. However, I have pages that open when I'm on the internet; how do I get rid of them?
Logfile of HijackThis v1.99.1
Scan saved at 08:38:26, on 11/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\a-squared free\a2service.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Desktop Search\WindowsSearchFilter.exe
C:\Nouveau dossier\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender9\bdswitch.exe
O4 - HKLM\..\Run: [Realtime Audio Engine] mmrtkrnl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NI.UWA6PV_0001_N91M2107] "D:\telechargement\WinAntiVirusPro2006FreeInstall_fr.exe" -nag
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?286a43ff248c4e69a7ac2f7ca468a4d5
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?286a43ff248c4e69a7ac2f7ca468a4d5
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://ice-manice-man90.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0,0,23/mcgdmgr.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NkPtpEnumP2 - Unknown owner - C:\Program Files\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe" -a -d="C:\Program Files\Nikon\Wireless Camera Setup Utility\NkPtpip.dll (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
0
Regis59 Posts 21143 Registration date Tuesday 27 June 2006 Status Security contributor Last post 22 June 2016 1 320
11 April 2007 at 15:53
Hi

- Download clean.zip (http://www.malekal.com/download/clean.zip), unzip it to your desktop (right-click / extract all); you should get a folder named clean.

¤ Boot into safe mode:
To do this, tap the F8 key repeatedly, without stopping, as soon as the PC starts up.
A window will open; use the keyboard arrow keys to move to "start in safe mode", then press Enter.
Once on the desktop, it is normal if not all the colours and so on are there!
(If F8 does not work, use the F5 key.)

Double-click this clean folder; you will find several files inside.
Double-click clean. This will open a black window.
A menu will appear; choose option 2 by pressing the 2 key on your keyboard.
Clean will do its work.
A report will be generated; save it, restart your PC, and paste its entire contents here.
0
ice-man90 Posts 44 Registration date Friday 6 April 2007 Status Member Last post 25 January 2008
11 April 2007 at 17:22
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Option 2, executee le 11/04/2007 a 17:10:14,50

Microsoft Windows XP [version 5.1.2600]

*** Suppression de fichiers sur C:

*** Suppression des fichiers dans C:\WINDOWS\

*** Suppression des fichiers dans C:\WINDOWS\system32


*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
0
Regis59 Posts 21143 Registration date Tuesday 27 June 2006 Status Security contributor Last post 22 June 2016 1 320
12 April 2007 at 18:03
Hi

Post a new HijackThis log

See you
0
ice-man90 Posts 44 Registration date Friday 6 April 2007 Status Member Last post 25 January 2008
12 April 2007 at 20:07
Logfile of HijackThis v1.99.1
Scan saved at 20:06:20, on 12/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\a-squared free\a2service.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Nouveau dossier\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Realtime Audio Engine] mmrtkrnl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\eMule.exe -AutoStart
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?286a43ff248c4e69a7ac2f7ca468a4d5
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?286a43ff248c4e69a7ac2f7ca468a4d5
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://ice-manice-man90.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0,0,23/mcgdmgr.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NkPtpEnumP2 - Unknown owner - C:\Program Files\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe" -a -d="C:\Program Files\Nikon\Wireless Camera Setup Utility\NkPtpip.dll (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
0
Regis59 Posts 21143 Registration date Tuesday 27 June 2006 Status Security contributor Last activity 22 June 2016 1 320
12 April 2007 at 22:44
Hi

How are your problems coming along?

See you
0
ice-man90 Posts 44 Registration date Friday 6 April 2007 Status Member Last activity 25 January 2008
13 April 2007 at 08:13
Hi
For now I don't know; since my virus was only detected on Sundays, I'll tell you at the end of the week.
See you
0
Regis59 Posts 21143 Registration date Tuesday 27 June 2006 Status Security contributor Last activity 22 June 2016 1 320
14 April 2007 at 14:08
Hi

OK, answer tomorrow.
Check whether this no longer exists:
C:\WINDOWS\system32\usb496.dat

See you
0
ice-man90 Posts 44 Registration date Friday 6 April 2007 Status Member Last activity 25 January 2008
14 April 2007 at 19:25
Hi
No, I no longer have that file.
0
Regis59 Posts 21143 Registration date Tuesday 27 June 2006 Status Security contributor Last activity 22 June 2016 1 320
14 April 2007 at 19:34
OK, tell me tomorrow whether you get the alert ;)

See you
0
ice-man90 Posts 44 Registration date Friday 6 April 2007 Status Member Last activity 25 January 2008
15 April 2007 at 10:06
Hi
10:00, first alert from my virus, and yes, it's Sunday.
0