Supprimer shredder
Résolu/Fermé
A voir également:
- Supprimer shredder
- Supprimer une page word - Guide
- Supprimer compte instagram - Guide
- File shredder - Télécharger - Nettoyage
- Supprimer edge - Guide
- Supprimer bing - Guide
83 réponses
jfkpresident
Messages postés
13404
Date d'inscription
lundi 3 septembre 2007
Statut
Contributeur sécurité
Dernière intervention
5 janvier 2015
1 175
25 oct. 2009 à 09:58
25 oct. 2009 à 09:58
Salut ;
Tu peux le poster ?
J'ai lu plus haut qu'il fallait faire un rapport avec hijackthis, je l'ai fait.
Tu peux le poster ?
jfkpresident
Messages postés
13404
Date d'inscription
lundi 3 septembre 2007
Statut
Contributeur sécurité
Dernière intervention
5 janvier 2015
1 175
25 oct. 2009 à 18:06
25 oct. 2009 à 18:06
Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.40GHz )
BIOS : Version 1.00
USER : velcin ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1351 [VPS 091024-0] 4.8.1351 (Activated)
Firewall : Norton Internet Worm Protection 2006 (Not Activated)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:46 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 25/10/2009|18:39 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Playalot Games
C:\Program Files\AskBarDis
C:\Program Files\AskBarDis\bar
C:\Program Files\AskBarDis\unins000.dat
C:\Program Files\AskBarDis\unins000.exe
C:\Program Files\AskBarDis\bar\bin
C:\Program Files\AskBarDis\bar\Cache
C:\Program Files\AskBarDis\bar\History
C:\Program Files\AskBarDis\bar\Settings
C:\Program Files\AskBarDis\bar\bin\askBar.dll
C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
C:\Program Files\AskBarDis\bar\bin\psvince.dll
C:\Program Files\AskBarDis\bar\Cache\003C0134
C:\Program Files\AskBarDis\bar\Cache\003C082A
C:\Program Files\AskBarDis\bar\Cache\003C0A8B.bin
C:\Program Files\AskBarDis\bar\Cache\003C0C7F.bin
C:\Program Files\AskBarDis\bar\Cache\003C0F7D.bin
C:\Program Files\AskBarDis\bar\Cache\003C1113.bin
C:\Program Files\AskBarDis\bar\Cache\003C1FB9.bin
C:\Program Files\AskBarDis\bar\Cache\003C215F.bin
C:\Program Files\AskBarDis\bar\Cache\003C2566.bin
C:\Program Files\AskBarDis\bar\Cache\003C32C4.bin
C:\Program Files\AskBarDis\bar\Cache\003C345A.bin
C:\Program Files\AskBarDis\bar\Cache\003C3758.bin
C:\Program Files\AskBarDis\bar\Cache\files.ini
C:\Program Files\AskBarDis\bar\History\search
C:\Program Files\AskBarDis\bar\Settings\config.dat
C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
C:\Program Files\AskBarDis\bar\Settings\prevcfg.htm
C:\DOCUME~1\velcin\LOCALS~1\Temp\nsl2D.tmp
-----------\\ Extensions
(velcin) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.orange.fr/portail"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 25/10/2009|18:41 - Option : [1]
-----------\\ Fin du rapport a 18:41:48,15
Voici le rapport
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.40GHz )
BIOS : Version 1.00
USER : velcin ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1351 [VPS 091024-0] 4.8.1351 (Activated)
Firewall : Norton Internet Worm Protection 2006 (Not Activated)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:46 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 25/10/2009|18:39 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Playalot Games
C:\Program Files\AskBarDis
C:\Program Files\AskBarDis\bar
C:\Program Files\AskBarDis\unins000.dat
C:\Program Files\AskBarDis\unins000.exe
C:\Program Files\AskBarDis\bar\bin
C:\Program Files\AskBarDis\bar\Cache
C:\Program Files\AskBarDis\bar\History
C:\Program Files\AskBarDis\bar\Settings
C:\Program Files\AskBarDis\bar\bin\askBar.dll
C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
C:\Program Files\AskBarDis\bar\bin\psvince.dll
C:\Program Files\AskBarDis\bar\Cache\003C0134
C:\Program Files\AskBarDis\bar\Cache\003C082A
C:\Program Files\AskBarDis\bar\Cache\003C0A8B.bin
C:\Program Files\AskBarDis\bar\Cache\003C0C7F.bin
C:\Program Files\AskBarDis\bar\Cache\003C0F7D.bin
C:\Program Files\AskBarDis\bar\Cache\003C1113.bin
C:\Program Files\AskBarDis\bar\Cache\003C1FB9.bin
C:\Program Files\AskBarDis\bar\Cache\003C215F.bin
C:\Program Files\AskBarDis\bar\Cache\003C2566.bin
C:\Program Files\AskBarDis\bar\Cache\003C32C4.bin
C:\Program Files\AskBarDis\bar\Cache\003C345A.bin
C:\Program Files\AskBarDis\bar\Cache\003C3758.bin
C:\Program Files\AskBarDis\bar\Cache\files.ini
C:\Program Files\AskBarDis\bar\History\search
C:\Program Files\AskBarDis\bar\Settings\config.dat
C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
C:\Program Files\AskBarDis\bar\Settings\prevcfg.htm
C:\DOCUME~1\velcin\LOCALS~1\Temp\nsl2D.tmp
-----------\\ Extensions
(velcin) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.orange.fr/portail"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 25/10/2009|18:41 - Option : [1]
-----------\\ Fin du rapport a 18:41:48,15
Voici le rapport
jfkpresident
Messages postés
13404
Date d'inscription
lundi 3 septembre 2007
Statut
Contributeur sécurité
Dernière intervention
5 janvier 2015
1 175
25 oct. 2009 à 18:51
25 oct. 2009 à 18:51
Relance Toolbar-S&D en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée".
! Ne ferme pas la fenêtre lors de la suppression !
Un rapport sera généré, poste son contenu ici.
Ensuite :
Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.
==>Double-clique sur RSIT.exe afin de lancer RSIT.
==>Lis le contenu de l'écran Disclaimer puis clique sur Continue (si tu acceptes les conditions).
==>Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
==>Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront :
log.txt (<<qui sera affiché) ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
NB : Les rapports sont sauvegardés dans le dossier C:\rsit
==>Rend toi sur ce site: https://www.cjoint.com/
==>Clique sur "parcourir" et sélectionne ces fichiers ,un lien va etre créer .
==>Copie/colle ce lien dans ta prochaine réponse .
Aide en images si besoin
! Ne ferme pas la fenêtre lors de la suppression !
Un rapport sera généré, poste son contenu ici.
Ensuite :
Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.
==>Double-clique sur RSIT.exe afin de lancer RSIT.
==>Lis le contenu de l'écran Disclaimer puis clique sur Continue (si tu acceptes les conditions).
==>Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
==>Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront :
log.txt (<<qui sera affiché) ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
NB : Les rapports sont sauvegardés dans le dossier C:\rsit
==>Rend toi sur ce site: https://www.cjoint.com/
==>Clique sur "parcourir" et sélectionne ces fichiers ,un lien va etre créer .
==>Copie/colle ce lien dans ta prochaine réponse .
Aide en images si besoin
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Voici le 2 ième rapport de Toolbar
Je vais télécharger random's
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.40GHz )
BIOS : Version 1.00
USER : velcin ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1351 [VPS 091024-0] 4.8.1351 (Activated)
Firewall : Norton Internet Worm Protection 2006 (Not Activated)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:46 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 25/10/2009|20:50 )
-----------\\ SUPPRESSION
Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Playalot Games
Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\Program Files\AskBarDis\unins000.exe
Echec ! - C:\DOCUME~1\velcin\LOCALS~1\Temp\nsl2D.tmp
Supprime! - C:\Program Files\AskBarDis
-----------\\ DEUXIEME PASSAGE
Echec ! - C:\DOCUME~1\velcin\LOCALS~1\Temp\nsl2D.tmp
-----------\\ Recherche de Fichiers / Dossiers ...
C:\DOCUME~1\velcin\LOCALS~1\Temp\nsl2D.tmp
-----------\\ Extensions
(velcin) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.orange.fr/portail"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 25/10/2009|18:41 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 25/10/2009|20:54 - Option : [2]
-----------\\ Fin du rapport a 20:54:13,84
Je vais télécharger random's
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.40GHz )
BIOS : Version 1.00
USER : velcin ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1351 [VPS 091024-0] 4.8.1351 (Activated)
Firewall : Norton Internet Worm Protection 2006 (Not Activated)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:46 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 25/10/2009|20:50 )
-----------\\ SUPPRESSION
Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Playalot Games
Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\Program Files\AskBarDis\unins000.exe
Echec ! - C:\DOCUME~1\velcin\LOCALS~1\Temp\nsl2D.tmp
Supprime! - C:\Program Files\AskBarDis
-----------\\ DEUXIEME PASSAGE
Echec ! - C:\DOCUME~1\velcin\LOCALS~1\Temp\nsl2D.tmp
-----------\\ Recherche de Fichiers / Dossiers ...
C:\DOCUME~1\velcin\LOCALS~1\Temp\nsl2D.tmp
-----------\\ Extensions
(velcin) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.orange.fr/portail"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 25/10/2009|18:41 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 25/10/2009|20:54 - Option : [2]
-----------\\ Fin du rapport a 20:54:13,84
https://www.cjoint.com/?kzvnmfYesFhttp://cjoint.com/?kzvnmfYesFhttp://cjoint.com/?kzvnmfYesFhttp://cjoint.com/?
J 'ai fait ce que je croisa voir compris. Est ce bien ça?
Merci
J 'ai fait ce que je croisa voir compris. Est ce bien ça?
Merci
https://www.cjoint.com/?kzvxKfWXBf
voici pour le second j'attends la suite des instruction
Encore merci
voici pour le second j'attends la suite des instruction
Encore merci
jfkpresident
Messages postés
13404
Date d'inscription
lundi 3 septembre 2007
Statut
Contributeur sécurité
Dernière intervention
5 janvier 2015
1 175
25 oct. 2009 à 22:34
25 oct. 2009 à 22:34
Tres bien ,on continu :
Télécharge Navilog1 (par IL-MAFIOSO) sur ton bureau
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, double-clique sur le raccourci Navilog1 présent sur le bureau.
Laisse-toi guider. Appuie sur une touche quand on te le demande.
Au menu principal, choisis 1 et valide.
< Ne fais pas le choix 2 >
Patiente le temps du scan. Il te sera peut-être demandé de redémarrer ton PC.
Laisse l'outil le faire automatiquement, sinon redémarre ton PC normalement s'il te le demande.
Patiente jusqu'au message "Scan terminé le......"
Appuie sur une touche comme demandé ; le bloc-notes va s'ouvrir.
Copie-colle l'intégralité dans ta réponse. Referme le bloc-notes.
PS : le rapport est, aussi, sauvegardé à la racine du disque dur C:\cleannavi.txt
====================
Télécharge ATF Cleaner par Atribune:
http://www.atribune.org/ccount/click.php?id=1
Double-clique ATF-Cleaner.exe afin de lancer le programme.
Sous l'onglet Main, choisis : Select All
Clique sur le bouton Empty Selected
Si tu utilises le navigateur Firefox :
Clique Firefox au haut et choisis : Select All
Clique le bouton Empty Selected
NOTE : Si tu veux conserver tes mots de passe sauvegardés, clique No à l'invite.
Si tu utilises le navigateur Opera :
Clique Opera au haut et choisis : Select All
Clique le bouton Empty Selected
NOTE : Si tu veux conserver tes mots de passe sauvegardés, clique No à l'invite.
Clique Exit, du menu prinicipal, afin de fermer le programme.
Pour obtenir du Support technique, double-clique l'adresse électronique située au bas de chacun des menus.
Télécharge Navilog1 (par IL-MAFIOSO) sur ton bureau
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, double-clique sur le raccourci Navilog1 présent sur le bureau.
Laisse-toi guider. Appuie sur une touche quand on te le demande.
Au menu principal, choisis 1 et valide.
< Ne fais pas le choix 2 >
Patiente le temps du scan. Il te sera peut-être demandé de redémarrer ton PC.
Laisse l'outil le faire automatiquement, sinon redémarre ton PC normalement s'il te le demande.
Patiente jusqu'au message "Scan terminé le......"
Appuie sur une touche comme demandé ; le bloc-notes va s'ouvrir.
Copie-colle l'intégralité dans ta réponse. Referme le bloc-notes.
PS : le rapport est, aussi, sauvegardé à la racine du disque dur C:\cleannavi.txt
====================
Télécharge ATF Cleaner par Atribune:
http://www.atribune.org/ccount/click.php?id=1
Double-clique ATF-Cleaner.exe afin de lancer le programme.
Sous l'onglet Main, choisis : Select All
Clique sur le bouton Empty Selected
Si tu utilises le navigateur Firefox :
Clique Firefox au haut et choisis : Select All
Clique le bouton Empty Selected
NOTE : Si tu veux conserver tes mots de passe sauvegardés, clique No à l'invite.
Si tu utilises le navigateur Opera :
Clique Opera au haut et choisis : Select All
Clique le bouton Empty Selected
NOTE : Si tu veux conserver tes mots de passe sauvegardés, clique No à l'invite.
Clique Exit, du menu prinicipal, afin de fermer le programme.
Pour obtenir du Support technique, double-clique l'adresse électronique située au bas de chacun des menus.
Re bonjour,
Je continue aujourd'hui.
Voici le rapport
Fix Navipromo version 4.0.3 commencé le 26/10/2009 8:22:54,96
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 21.10.2009 à 22h00 par IL-MAFIOSO
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.40GHz )
BIOS : Version 1.00
USER : velcin ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1351 [VPS 091025-0] 4.8.1351 (Activated)
Firewall : Norton Internet Worm Protection 2006 (Not Activated)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:46 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
Recherche executée en mode normal
Nettoyage exécuté au redémarrage de l'ordinateur
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\velcin\locals~1\Temp effectué !
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
Certificat Electronic-Group supprimé !
Certificat OOO-Favorit supprimé !
*** Scan terminé 26/10/2009 8:30:37,40 ***
Je continue aujourd'hui.
Voici le rapport
Fix Navipromo version 4.0.3 commencé le 26/10/2009 8:22:54,96
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 21.10.2009 à 22h00 par IL-MAFIOSO
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.40GHz )
BIOS : Version 1.00
USER : velcin ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1351 [VPS 091025-0] 4.8.1351 (Activated)
Firewall : Norton Internet Worm Protection 2006 (Not Activated)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:46 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
Recherche executée en mode normal
Nettoyage exécuté au redémarrage de l'ordinateur
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\velcin\locals~1\Temp effectué !
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
Certificat Electronic-Group supprimé !
Certificat OOO-Favorit supprimé !
*** Scan terminé 26/10/2009 8:30:37,40 ***
fafouic
Messages postés
155
Date d'inscription
samedi 28 avril 2007
Statut
Membre
Dernière intervention
19 janvier 2024
7
26 oct. 2009 à 09:00
26 oct. 2009 à 09:00
J' ai fait tout ce que tu m'as dit. Pour le moment j'ai toujours shredder sur le bureau et 1 message me disant quand l'ordi s'allume, que PC confidential ne peut pas s'ouvrir ainsi que winferno dans tous mes programmes.
Merci et à bientôt
Merci et à bientôt
jfkpresident
Messages postés
13404
Date d'inscription
lundi 3 septembre 2007
Statut
Contributeur sécurité
Dernière intervention
5 janvier 2015
1 175
26 oct. 2009 à 12:32
26 oct. 2009 à 12:32
Télécharge SF.exe de C_XX .
*Double clique sur SF.exe ("éxécuter en tant qu'administrateur pour vista) .
*Une fenetre Cmd va s'ouvrir .
*Tape shredder dans cette fenetre et "entrée" .
*Patiente pendant la recherche .
*Une fenetre avec un log .txt va s'afficher .
*Copie/colle ce rapport dans ta prochaine réponse .
*Double clique sur SF.exe ("éxécuter en tant qu'administrateur pour vista) .
*Une fenetre Cmd va s'ouvrir .
*Tape shredder dans cette fenetre et "entrée" .
*Patiente pendant la recherche .
*Une fenetre avec un log .txt va s'afficher .
*Copie/colle ce rapport dans ta prochaine réponse .
voici le rapport
======================== SF 1.0.0.4 - C_XX | 13:35:56,89
Valeur(s) recherchée(s):
shredder
========================= Fichier(s)/Dossier(s):
"C:\Documents and Settings\velcin\Local Settings\Temporary Internet Files\Content.IE5\5AIX1RI8\affich-14885228-supprimer-shredder[1].htm"
MD5: 838d1ffff08463295c15685d77e94f45 | --a------ | 26/10/2009 13:33
.
========================= Registre:
[HKEY_CLASSES_ROOT\CLSID\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}]
""="Shredder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}]
""="Shredder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}]
""="Shredder"
========================= E.O.F | 13:39:00,64
======================== SF 1.0.0.4 - C_XX | 13:35:56,89
Valeur(s) recherchée(s):
shredder
========================= Fichier(s)/Dossier(s):
"C:\Documents and Settings\velcin\Local Settings\Temporary Internet Files\Content.IE5\5AIX1RI8\affich-14885228-supprimer-shredder[1].htm"
MD5: 838d1ffff08463295c15685d77e94f45 | --a------ | 26/10/2009 13:33
.
========================= Registre:
[HKEY_CLASSES_ROOT\CLSID\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}]
""="Shredder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}]
""="Shredder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}]
""="Shredder"
========================= E.O.F | 13:39:00,64
jfkpresident
Messages postés
13404
Date d'inscription
lundi 3 septembre 2007
Statut
Contributeur sécurité
Dernière intervention
5 janvier 2015
1 175
26 oct. 2009 à 17:16
26 oct. 2009 à 17:16
On va tenter une chose :
Télécharge OTM de OldTimer sur ton Bureau en cliquant sur ce lien :
http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/
Double-clique sur OTMoveIt3.exe pour le lancer.
Vérifie que la case devant "Unregister Dll's and Ocx's est bien cochée.
Copie la liste qui se trouve en gras ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt : "Paste instructions for item to be moved".
:processes
explorer.exe
:Reg
:files
C:\Program Files\Playalot Games
C:\Program Files\Winferno
C:\Program Files\PC confidential
:services
:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
Clique sur "MoveIt!" pour lancer la suppression.
Le résultat apparaitra dans le cadre "Results".
Clique sur "Exit" pour fermer.
Poste le rapport situé dans C:\_OTMoveIt\MovedFiles sous le nom xxxxxx_xxxxxxxxxx.log .
Télécharge OTM de OldTimer sur ton Bureau en cliquant sur ce lien :
http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/
Double-clique sur OTMoveIt3.exe pour le lancer.
Vérifie que la case devant "Unregister Dll's and Ocx's est bien cochée.
Copie la liste qui se trouve en gras ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt : "Paste instructions for item to be moved".
:processes
explorer.exe
:Reg
:files
C:\Program Files\Playalot Games
C:\Program Files\Winferno
C:\Program Files\PC confidential
:services
:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
Clique sur "MoveIt!" pour lancer la suppression.
Le résultat apparaitra dans le cadre "Results".
Clique sur "Exit" pour fermer.
Poste le rapport situé dans C:\_OTMoveIt\MovedFiles sous le nom xxxxxx_xxxxxxxxxx.log .
Voici le rapport
All processes killed
Error: Unable to interpret <processes > in the current context!
Error: Unable to interpret <explorer.exe > in the current context!
========== REGISTRY ==========
========== FILES ==========
C:\Program Files\Playalot Games\Resources\titanium moved successfully.
C:\Program Files\Playalot Games\Resources\player moved successfully.
C:\Program Files\Playalot Games\Resources\js moved successfully.
C:\Program Files\Playalot Games\Resources\img moved successfully.
C:\Program Files\Playalot Games\Resources\games\Word_Games\Word_Search moved successfully.
C:\Program Files\Playalot Games\Resources\games\Word_Games\Word_Scramble moved successfully.
C:\Program Files\Playalot Games\Resources\games\Word_Games\Leopardy moved successfully.
C:\Program Files\Playalot Games\Resources\games\Word_Games\Hillbilly_Hangman moved successfully.
C:\Program Files\Playalot Games\Resources\games\Word_Games\Crazy_Crossword moved successfully.
C:\Program Files\Playalot Games\Resources\games\Word_Games moved successfully.
C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Soccer_Challenge moved successfully.
C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Snowboard_Challenge moved successfully.
C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Silly_Solitaire moved successfully.
C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Hypervelocity_Racer moved successfully.
C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Homerun_Champion moved successfully.
C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Bumber_Jack moved successfully.
C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games moved successfully.
C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Swap_A_Smiley moved successfully.
C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Sudoku_Master moved successfully.
C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Mayan_Mask_Mayhem moved successfully.
C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Mahjong_Traditional moved successfully.
C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Jigsaw_Puzzle moved successfully.
C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Concentration moved successfully.
C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Cherrybomb moved successfully.
C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Bad_Apple moved successfully.
C:\Program Files\Playalot Games\Resources\games\Puzzle_Games moved successfully.
C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Spot_The_Difference moved successfully.
C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Spaceout moved successfully.
C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Smiley_Chomp moved successfully.
C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Rival_Orbs moved successfully.
C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Mechanical_Maze_Madness moved successfully.
C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Goobers moved successfully.
C:\Program Files\Playalot Games\Resources\games\Arcade_Games moved successfully.
C:\Program Files\Playalot Games\Resources\games moved successfully.
C:\Program Files\Playalot Games\Resources\css moved successfully.
C:\Program Files\Playalot Games\Resources moved successfully.
C:\Program Files\Playalot Games\plugins moved successfully.
C:\Program Files\Playalot Games\icons moved successfully.
C:\Program Files\Playalot Games\doc\license moved successfully.
C:\Program Files\Playalot Games\doc moved successfully.
C:\Program Files\Playalot Games\cache moved successfully.
C:\Program Files\Playalot Games moved successfully.
C:\Program Files\Winferno\PC Confidential\Graphics moved successfully.
C:\Program Files\Winferno\PC Confidential moved successfully.
C:\Program Files\Winferno moved successfully.
========== SERVICES/DRIVERS ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 49286 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: velcin
File delete failed. C:\Documents and Settings\velcin\Local Settings\Temp\~DF8917.tmp scheduled to be deleted on reboot.
->Temp folder emptied: 1086825 bytes
->Temporary Internet Files folder emptied: 5030736 bytes
%systemdrive% .tmp files removed: 0 bytes
C:\WINDOWS\msdownld.tmp\ASCE2A23.tmp folder deleted successfully.
C:\WINDOWS\msdownld.tmp folder deleted successfully.
%systemroot% .tmp files removed: 1432113 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_5f4.dat scheduled to be deleted on reboot.
Windows Temp folder emptied: 16639 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 7,29 mb
OTM by OldTimer - Version 3.0.0.6 log created on 10262009_193305
Files moved on Reboot...
C:\Documents and Settings\velcin\Local Settings\Temp\~DF8917.tmp moved successfully.
File C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
File C:\WINDOWS\temp\Perflib_Perfdata_5f4.dat not found!
Registry entries deleted on Reboot...
All processes killed
Error: Unable to interpret <processes > in the current context!
Error: Unable to interpret <explorer.exe > in the current context!
========== REGISTRY ==========
========== FILES ==========
C:\Program Files\Playalot Games\Resources\titanium moved successfully.
C:\Program Files\Playalot Games\Resources\player moved successfully.
C:\Program Files\Playalot Games\Resources\js moved successfully.
C:\Program Files\Playalot Games\Resources\img moved successfully.
C:\Program Files\Playalot Games\Resources\games\Word_Games\Word_Search moved successfully.
C:\Program Files\Playalot Games\Resources\games\Word_Games\Word_Scramble moved successfully.
C:\Program Files\Playalot Games\Resources\games\Word_Games\Leopardy moved successfully.
C:\Program Files\Playalot Games\Resources\games\Word_Games\Hillbilly_Hangman moved successfully.
C:\Program Files\Playalot Games\Resources\games\Word_Games\Crazy_Crossword moved successfully.
C:\Program Files\Playalot Games\Resources\games\Word_Games moved successfully.
C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Soccer_Challenge moved successfully.
C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Snowboard_Challenge moved successfully.
C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Silly_Solitaire moved successfully.
C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Hypervelocity_Racer moved successfully.
C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Homerun_Champion moved successfully.
C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Bumber_Jack moved successfully.
C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games moved successfully.
C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Swap_A_Smiley moved successfully.
C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Sudoku_Master moved successfully.
C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Mayan_Mask_Mayhem moved successfully.
C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Mahjong_Traditional moved successfully.
C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Jigsaw_Puzzle moved successfully.
C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Concentration moved successfully.
C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Cherrybomb moved successfully.
C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Bad_Apple moved successfully.
C:\Program Files\Playalot Games\Resources\games\Puzzle_Games moved successfully.
C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Spot_The_Difference moved successfully.
C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Spaceout moved successfully.
C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Smiley_Chomp moved successfully.
C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Rival_Orbs moved successfully.
C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Mechanical_Maze_Madness moved successfully.
C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Goobers moved successfully.
C:\Program Files\Playalot Games\Resources\games\Arcade_Games moved successfully.
C:\Program Files\Playalot Games\Resources\games moved successfully.
C:\Program Files\Playalot Games\Resources\css moved successfully.
C:\Program Files\Playalot Games\Resources moved successfully.
C:\Program Files\Playalot Games\plugins moved successfully.
C:\Program Files\Playalot Games\icons moved successfully.
C:\Program Files\Playalot Games\doc\license moved successfully.
C:\Program Files\Playalot Games\doc moved successfully.
C:\Program Files\Playalot Games\cache moved successfully.
C:\Program Files\Playalot Games moved successfully.
C:\Program Files\Winferno\PC Confidential\Graphics moved successfully.
C:\Program Files\Winferno\PC Confidential moved successfully.
C:\Program Files\Winferno moved successfully.
========== SERVICES/DRIVERS ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 49286 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: velcin
File delete failed. C:\Documents and Settings\velcin\Local Settings\Temp\~DF8917.tmp scheduled to be deleted on reboot.
->Temp folder emptied: 1086825 bytes
->Temporary Internet Files folder emptied: 5030736 bytes
%systemdrive% .tmp files removed: 0 bytes
C:\WINDOWS\msdownld.tmp\ASCE2A23.tmp folder deleted successfully.
C:\WINDOWS\msdownld.tmp folder deleted successfully.
%systemroot% .tmp files removed: 1432113 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_5f4.dat scheduled to be deleted on reboot.
Windows Temp folder emptied: 16639 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 7,29 mb
OTM by OldTimer - Version 3.0.0.6 log created on 10262009_193305
Files moved on Reboot...
C:\Documents and Settings\velcin\Local Settings\Temp\~DF8917.tmp moved successfully.
File C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
File C:\WINDOWS\temp\Perflib_Perfdata_5f4.dat not found!
Registry entries deleted on Reboot...
jfkpresident
Messages postés
13404
Date d'inscription
lundi 3 septembre 2007
Statut
Contributeur sécurité
Dernière intervention
5 janvier 2015
1 175
26 oct. 2009 à 20:00
26 oct. 2009 à 20:00
ça doit aller mieux maintenant ?
Bonsoir,
Il a du se passer quelque chose parce qu'il n'est plus representé pareil sur le bureau mais il est toujours écrit
Il a du se passer quelque chose parce qu'il n'est plus representé pareil sur le bureau mais il est toujours écrit
jfkpresident
Messages postés
13404
Date d'inscription
lundi 3 septembre 2007
Statut
Contributeur sécurité
Dernière intervention
5 janvier 2015
1 175
26 oct. 2009 à 22:00
26 oct. 2009 à 22:00
Relance OTM et lance ce script :
:processes
explorer.exe
:Reg
[-HKEY_CLASSES_ROOT\CLSID\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}]
""="Shredder"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}]
""="Shredder"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}]
""="Shredder"
:commands
[start explorer]
:processes
explorer.exe
:Reg
[-HKEY_CLASSES_ROOT\CLSID\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}]
""="Shredder"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}]
""="Shredder"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}]
""="Shredder"
:commands
[start explorer]
Voilà qui est fait. Drolement tenace ce Shredder, il est toujour là!
All processes killed
Error: Unable to interpret <All processes killed> in the current context!
Error: Unable to interpret <Error: Unable to interpret <processes > in the current context!> in the current context!
Error: Unable to interpret <Error: Unable to interpret <explorer.exe > in the current context!> in the current context!
Error: Unable to interpret <========== REGISTRY ==========> in the current context!
Error: Unable to interpret <========== FILES ==========> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\titanium moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\player moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\js moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\img moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Word_Games\Word_Search moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Word_Games\Word_Scramble moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Word_Games\Leopardy moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Word_Games\Hillbilly_Hangman moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Word_Games\Crazy_Crossword moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Word_Games moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Soccer_Challenge moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Snowboard_Challenge moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Silly_Solitaire moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Hypervelocity_Racer moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Homerun_Champion moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Bumber_Jack moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Swap_A_Smiley moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Sudoku_Master moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Mayan_Mask_Mayhem moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Mahjong_Traditional moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Jigsaw_Puzzle moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Concentration moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Cherrybomb moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Bad_Apple moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Puzzle_Games moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Spot_The_Difference moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Spaceout moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Smiley_Chomp moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Rival_Orbs moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Mechanical_Maze_Madness moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Goobers moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Arcade_Games moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\css moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\plugins moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\icons moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\doc\license moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\doc moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\cache moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Winferno\PC Confidential\Graphics moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Winferno\PC Confidential moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Winferno moved successfully.> in the current context!
Error: Unable to interpret <========== SERVICES/DRIVERS ==========> in the current context!
Error: Unable to interpret <========== COMMANDS ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[EMPTYTEMP]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <User: All Users> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <User: Default User> in the current context!
Error: Unable to interpret <->Temp folder emptied: 0 bytes> in the current context!
Error: Unable to interpret <->Temporary Internet Files folder emptied: 67 bytes> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <User: LocalService> in the current context!
Error: Unable to interpret <->Temp folder emptied: 0 bytes> in the current context!
Error: Unable to interpret <File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.> in the current context!
Error: Unable to interpret <->Temporary Internet Files folder emptied: 49286 bytes> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <User: NetworkService> in the current context!
Error: Unable to interpret <->Temp folder emptied: 0 bytes> in the current context!
Error: Unable to interpret <->Temporary Internet Files folder emptied: 33170 bytes> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <User: velcin> in the current context!
Error: Unable to interpret <File delete failed. C:\Documents and Settings\velcin\Local Settings\Temp\~DF8917.tmp scheduled to be deleted on reboot.> in the current context!
Error: Unable to interpret <->Temp folder emptied: 1086825 bytes> in the current context!
Error: Unable to interpret <->Temporary Internet Files folder emptied: 5030736 bytes> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <%systemdrive% .tmp files removed: 0 bytes> in the current context!
Error: Unable to interpret <C:\WINDOWS\msdownld.tmp\ASCE2A23.tmp folder deleted successfully.> in the current context!
Error: Unable to interpret <C:\WINDOWS\msdownld.tmp folder deleted successfully.> in the current context!
Error: Unable to interpret <%systemroot% .tmp files removed: 1432113 bytes> in the current context!
Error: Unable to interpret <%systemroot%\System32 .tmp files removed: 0 bytes> in the current context!
Error: Unable to interpret <File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.> in the current context!
Error: Unable to interpret <File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_5f4.dat scheduled to be deleted on reboot.> in the current context!
Error: Unable to interpret <Windows Temp folder emptied: 16639 bytes> in the current context!
Error: Unable to interpret <RecycleBin emptied: 0 bytes> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Total Files Cleaned = 7,29 mb> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <OTM by OldTimer - Version 3.0.0.6 log created on 10262009_193305> in the current context!
Error: Unable to interpret <Files moved on Reboot...> in the current context!
Error: Unable to interpret <C:\Documents and Settings\velcin\Local Settings\Temp\~DF8917.tmp moved successfully.> in the current context!
Error: Unable to interpret <File C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!> in the current context!
Error: Unable to interpret <File C:\WINDOWS\temp\Perflib_Perfdata_5f4.dat not found!> in the current context!
Error: Unable to interpret <Registry entries deleted on Reboot...> in the current context!
OTM by OldTimer - Version 3.0.0.6 log created on 10262009_220251
Files moved on Reboot...
Registry entries deleted on Reboot...
All processes killed
Error: Unable to interpret <All processes killed> in the current context!
Error: Unable to interpret <Error: Unable to interpret <processes > in the current context!> in the current context!
Error: Unable to interpret <Error: Unable to interpret <explorer.exe > in the current context!> in the current context!
Error: Unable to interpret <========== REGISTRY ==========> in the current context!
Error: Unable to interpret <========== FILES ==========> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\titanium moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\player moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\js moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\img moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Word_Games\Word_Search moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Word_Games\Word_Scramble moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Word_Games\Leopardy moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Word_Games\Hillbilly_Hangman moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Word_Games\Crazy_Crossword moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Word_Games moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Soccer_Challenge moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Snowboard_Challenge moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Silly_Solitaire moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Hypervelocity_Racer moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Homerun_Champion moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games\Bumber_Jack moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Sports_And_Card_Games moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Swap_A_Smiley moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Sudoku_Master moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Mayan_Mask_Mayhem moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Mahjong_Traditional moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Jigsaw_Puzzle moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Concentration moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Cherrybomb moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Puzzle_Games\Bad_Apple moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Puzzle_Games moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Spot_The_Difference moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Spaceout moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Smiley_Chomp moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Rival_Orbs moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Mechanical_Maze_Madness moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Arcade_Games\Goobers moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games\Arcade_Games moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\games moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources\css moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\Resources moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\plugins moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\icons moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\doc\license moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\doc moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games\cache moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Playalot Games moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Winferno\PC Confidential\Graphics moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Winferno\PC Confidential moved successfully.> in the current context!
Error: Unable to interpret <C:\Program Files\Winferno moved successfully.> in the current context!
Error: Unable to interpret <========== SERVICES/DRIVERS ==========> in the current context!
Error: Unable to interpret <========== COMMANDS ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[EMPTYTEMP]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <User: All Users> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <User: Default User> in the current context!
Error: Unable to interpret <->Temp folder emptied: 0 bytes> in the current context!
Error: Unable to interpret <->Temporary Internet Files folder emptied: 67 bytes> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <User: LocalService> in the current context!
Error: Unable to interpret <->Temp folder emptied: 0 bytes> in the current context!
Error: Unable to interpret <File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.> in the current context!
Error: Unable to interpret <->Temporary Internet Files folder emptied: 49286 bytes> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <User: NetworkService> in the current context!
Error: Unable to interpret <->Temp folder emptied: 0 bytes> in the current context!
Error: Unable to interpret <->Temporary Internet Files folder emptied: 33170 bytes> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <User: velcin> in the current context!
Error: Unable to interpret <File delete failed. C:\Documents and Settings\velcin\Local Settings\Temp\~DF8917.tmp scheduled to be deleted on reboot.> in the current context!
Error: Unable to interpret <->Temp folder emptied: 1086825 bytes> in the current context!
Error: Unable to interpret <->Temporary Internet Files folder emptied: 5030736 bytes> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <%systemdrive% .tmp files removed: 0 bytes> in the current context!
Error: Unable to interpret <C:\WINDOWS\msdownld.tmp\ASCE2A23.tmp folder deleted successfully.> in the current context!
Error: Unable to interpret <C:\WINDOWS\msdownld.tmp folder deleted successfully.> in the current context!
Error: Unable to interpret <%systemroot% .tmp files removed: 1432113 bytes> in the current context!
Error: Unable to interpret <%systemroot%\System32 .tmp files removed: 0 bytes> in the current context!
Error: Unable to interpret <File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.> in the current context!
Error: Unable to interpret <File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_5f4.dat scheduled to be deleted on reboot.> in the current context!
Error: Unable to interpret <Windows Temp folder emptied: 16639 bytes> in the current context!
Error: Unable to interpret <RecycleBin emptied: 0 bytes> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Total Files Cleaned = 7,29 mb> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <OTM by OldTimer - Version 3.0.0.6 log created on 10262009_193305> in the current context!
Error: Unable to interpret <Files moved on Reboot...> in the current context!
Error: Unable to interpret <C:\Documents and Settings\velcin\Local Settings\Temp\~DF8917.tmp moved successfully.> in the current context!
Error: Unable to interpret <File C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!> in the current context!
Error: Unable to interpret <File C:\WINDOWS\temp\Perflib_Perfdata_5f4.dat not found!> in the current context!
Error: Unable to interpret <Registry entries deleted on Reboot...> in the current context!
OTM by OldTimer - Version 3.0.0.6 log created on 10262009_220251
Files moved on Reboot...
Registry entries deleted on Reboot...
jfkpresident
Messages postés
13404
Date d'inscription
lundi 3 septembre 2007
Statut
Contributeur sécurité
Dernière intervention
5 janvier 2015
1 175
26 oct. 2009 à 22:26
26 oct. 2009 à 22:26
Tu as relancé le meme script ..:(
Copie/colle celui du post#19
Copie/colle celui du post#19
excuse moi cette fois c'est ça?
Error: Unable to interpret <processes > in the current context!
Error: Unable to interpret <explorer.exe > in the current context!
========== REGISTRY ==========
Registry key HKEY_CLASSES_ROOT\CLSID\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}\ not found.
HKEY_CLASSES_ROOT\CLSID\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}\\""|"Shredder" /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}\\""|"Shredder" /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}\\""|"Shredder" /E : value set successfully!
========== COMMANDS ==========
OTM by OldTimer - Version 3.0.0.6 log created on 10262009_223410
Error: Unable to interpret <processes > in the current context!
Error: Unable to interpret <explorer.exe > in the current context!
========== REGISTRY ==========
Registry key HKEY_CLASSES_ROOT\CLSID\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}\ not found.
HKEY_CLASSES_ROOT\CLSID\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}\\""|"Shredder" /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}\\""|"Shredder" /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{EFE976D3-2E0A-4edf-984F-DA19AFA12B51}\\""|"Shredder" /E : value set successfully!
========== COMMANDS ==========
OTM by OldTimer - Version 3.0.0.6 log created on 10262009_223410
25 oct. 2009 à 17:03
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:54:54, on 25/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\PROGRA~1\HDTUNE~1\HDTune.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\TF1Vision\TF1vision.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\velcin\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {402C9DAE-1B66-11DD-B3DE-22D556D89593} - (no file)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: PCCBHO.CPCCBHO - {22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF} - C:\Program Files\Winferno\PC Confidential\PCCBHO.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange Toolbar FR\ToolbarContainer101000313.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CamTray.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HD Tune] C:\PROGRA~1\HDTUNE~1\HDTune.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [e-TF1] C:\Program Files\TF1Vision\TF1vision.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TypingSatellite] "C:\Program Files\TypingMaster\KBOOST.EXE"
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [BlazeServoTool] "C:\Program Files\BlazeVideo\BlazeDTV 2.5a\MediaDetector.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [OrangePlayer] c:\program files\orange\media player\Media Player.exe /systray (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [] (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Logiciel de Synchronisation Orange.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Pense-bête.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Orange - C:\DOCUME~1\velcin\LOCALS~1\Temp\cce666.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra 'Tools' menuitem: PC Confidential - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: Xanadu - {5CC384BB-1326-11D5-F4AE-00C04923F885} - C:\Program Files\Foreignword\Xanadu\XanaduLaunch.exe (file missing)
O9 - Extra button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Orange Toolbar FR\ToolbarContainer101000313.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {104B0A37-AB99-4F06-8032-8BBDC3B77DDB} (Telechargement Control) - http://www8.photoweb.fr/telechargement/Photoweb_uploader.cab
O16 - DPF: {10E0E75E-6701-4134-9D95-C0942ED1F1C8} (Snapfish Outlook Import ActiveX Control) - http://www3.snapfish.fr/SnapfishOutlookImport.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
O16 - DPF: {297F2B65-017C-11D5-A128-00D0B7869AD6} (SpectorPhotoUploader Control) - http://www.extrafilm.fr/import/spu.cab
O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - https://www.snapfish.fr/2/home
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {45391ABA-B53F-4D96-BAD8-707272110A61} (SP1MyPix.SP1Contacts) - http://www.mypix.com/fr/fr/mon_compte/SP1MyPix.CAB
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/9.20.0002/OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://photosjcvel.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093115926278
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://photosjcvel.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} (FTMediaPlayer Class) - http://webtv.guidetv.orange.fr/resources/OCS_8971.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.wisup.net/_plateforme/Upload/Aurigma/AurigmaActiveX/ImageUploader35.cab
O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - https://www.photobox.fr/?channel=1005
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://fotolaboclub.net/ips-opdata/layout/fotolabo01/activex/IPSUploader.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - C:\Program Files\ALDI Service Photo\Common\Database\bin\fbserver.exe (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe