Trojan-psw.win32.kates.c
robinhood
-
sKe69 Messages postés 21955 Statut Contributeur sécurité -
sKe69 Messages postés 21955 Statut Contributeur sécurité -
Bonjour,
trojan-psw.win32.kate.c bloque qq applis de mon ordi, ccleaner registre effectué analyse hijack faite
ci joint log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:16:15, on 29/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Orange\AntivirusFirewall\Common\FSMB32.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FCH32.EXE
C:\Program Files\Orange\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\CONTRO~1\bin\optgui.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\Program Files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Orange\Deskboard\deskboard.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\1\FTCOMModule.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\FICHIE~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Backup NOW! Scheduler] "C:\Program Files\NewTech Infosystems\NTI Backup NOW! 4\Schdlr32.exe" -s
O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\CONTRO~1\bin\optgui.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.orange.fr/portail
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070711/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/files/BeboUploader.5.1.4.cab
O16 - DPF: {304171C0-65EA-4B51-B5D9-93A311E26EB1} (MxPEG_ActiveX Control) - http://www.lessablesdolonne.com/webcam/MxPEG_ActiveX.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?e=1219232744769&h=42223cb5970480298f045e1dbd191489/&filename=jinstall-6u7-windows-i586-jc.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - https://www.lessablesdolonne.com/
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.downl-colorplaza.ch/clients/upload/XUpload.ocx
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
trojan-psw.win32.kate.c bloque qq applis de mon ordi, ccleaner registre effectué analyse hijack faite
ci joint log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:16:15, on 29/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Orange\AntivirusFirewall\Common\FSMB32.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FCH32.EXE
C:\Program Files\Orange\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\CONTRO~1\bin\optgui.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\Program Files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Orange\Deskboard\deskboard.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\1\FTCOMModule.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\FICHIE~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Backup NOW! Scheduler] "C:\Program Files\NewTech Infosystems\NTI Backup NOW! 4\Schdlr32.exe" -s
O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\CONTRO~1\bin\optgui.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.orange.fr/portail
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070711/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/files/BeboUploader.5.1.4.cab
O16 - DPF: {304171C0-65EA-4B51-B5D9-93A311E26EB1} (MxPEG_ActiveX Control) - http://www.lessablesdolonne.com/webcam/MxPEG_ActiveX.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?e=1219232744769&h=42223cb5970480298f045e1dbd191489/&filename=jinstall-6u7-windows-i586-jc.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - https://www.lessablesdolonne.com/
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.downl-colorplaza.ch/clients/upload/XUpload.ocx
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
A voir également:
- Trojan-psw.win32.kates.c
- Trojan remover - Télécharger - Antivirus & Antimalwares
- Trojan b901 system32 win config 34 ✓ - Forum Virus
- Trojan agent ✓ - Forum Virus
- Csrss.exe trojan ✓ - Forum Virus
- [Virus] Trojan ou virus dans csrss.exe et spo - Forum Virus
45 réponses
et voila le dernier (excuses j'ai du m'absenter)
C:\WINDOWS\Installer\458B4.MSI
Antivirus;Version;Dernière mise à jour;Résultat
a-squared;4.5.0.24;2009.08.13;-
AhnLab-V3;5.0.0.2;2009.08.13;-
AntiVir;7.9.1.1;2009.08.13;-
Antiy-AVL;2.0.3.7;2009.08.13;-
Authentium;5.1.2.4;2009.08.13;-
Avast;4.8.1335.0;2009.08.12;-
AVG;8.5.0.406;2009.08.13;-
BitDefender;7.2;2009.08.13;-
CAT-QuickHeal;10.00;2009.08.13;-
ClamAV;0.94.1;2009.08.13;-
Comodo;1965;2009.08.13;-
DrWeb;5.0.0.12182;2009.08.13;-
eSafe;7.0.17.0;2009.08.13;-
eTrust-Vet;31.6.6675;2009.08.13;-
F-Prot;4.4.4.56;2009.08.13;-
F-Secure;8.0.14470.0;2009.08.13;-
Fortinet;3.120.0.0;2009.08.13;-
GData;19;2009.08.13;-
Ikarus;T3.1.1.64.0;2009.08.13;-
Jiangmin;11.0.800;2009.08.13;-
K7AntiVirus;7.10.817;2009.08.12;-
Kaspersky;7.0.0.125;2009.08.13;-
McAfee;5708;2009.08.13;-
McAfee+Artemis;5708;2009.08.13;-
McAfee-GW-Edition;6.8.5;2009.08.13;-
Microsoft;1.4903;2009.08.13;-
NOD32;4332;2009.08.13;-
Norman;;2009.08.13;-
nProtect;2009.1.8.0;2009.08.13;-
Panda;10.0.0.14;2009.08.13;Generic Malware
PCTools;4.4.2.0;2009.08.12;-
Prevx;3.0;2009.08.13;-
Rising;21.42.34.00;2009.08.13;-
Sophos;4.44.0;2009.08.13;-
Sunbelt;3.2.1858.2;2009.08.13;-
Symantec;1.4.4.12;2009.08.13;Trojan Horse
TheHacker;6.3.4.3.383;2009.08.13;-
TrendMicro;8.950.0.1094;2009.08.13;-
VBA32;3.12.10.9;2009.08.13;P2P-Worm.Win32.Bacteraloh.bp
ViRobot;2009.8.13.1883;2009.08.13;-
VirusBuster;4.6.5.0;2009.08.13;-
Information additionnelle
File size: 5842944 bytes
MD5 : 8b8ed76eb4a0dae269d7e5ce64706d97
SHA1 : 94b8e60d2f6084111878b031c1fce349cd3d449e
SHA256: 190be574aa85875dc440d82eeae009fe9c6cad1f480929c6b1ef50e5442abdd8
TrID : File type identification<BR>Microsoft Windows Installer (85.6%)<BR>Windows SDK Setup Transform Script (5.8%)<BR>Microsoft PowerPoint document (2.9%)<BR>Microsoft Excel sheet (2.8%)<BR>CaseWare 2005 Compressed file (1.9%)
ssdeep: 98304:Vpfc6iIelxVe26Xtxb2e8GegLxmeO0H4g9FaYBaW0+TkAe8TaaddoaaF471aR817:VNcZIehe2Ne8Geg0eOfsRboA7XyF
PEiD : -
RDS : NSRL Reference Data Set<BR>-
C:\WINDOWS\Installer\458B4.MSI
Antivirus;Version;Dernière mise à jour;Résultat
a-squared;4.5.0.24;2009.08.13;-
AhnLab-V3;5.0.0.2;2009.08.13;-
AntiVir;7.9.1.1;2009.08.13;-
Antiy-AVL;2.0.3.7;2009.08.13;-
Authentium;5.1.2.4;2009.08.13;-
Avast;4.8.1335.0;2009.08.12;-
AVG;8.5.0.406;2009.08.13;-
BitDefender;7.2;2009.08.13;-
CAT-QuickHeal;10.00;2009.08.13;-
ClamAV;0.94.1;2009.08.13;-
Comodo;1965;2009.08.13;-
DrWeb;5.0.0.12182;2009.08.13;-
eSafe;7.0.17.0;2009.08.13;-
eTrust-Vet;31.6.6675;2009.08.13;-
F-Prot;4.4.4.56;2009.08.13;-
F-Secure;8.0.14470.0;2009.08.13;-
Fortinet;3.120.0.0;2009.08.13;-
GData;19;2009.08.13;-
Ikarus;T3.1.1.64.0;2009.08.13;-
Jiangmin;11.0.800;2009.08.13;-
K7AntiVirus;7.10.817;2009.08.12;-
Kaspersky;7.0.0.125;2009.08.13;-
McAfee;5708;2009.08.13;-
McAfee+Artemis;5708;2009.08.13;-
McAfee-GW-Edition;6.8.5;2009.08.13;-
Microsoft;1.4903;2009.08.13;-
NOD32;4332;2009.08.13;-
Norman;;2009.08.13;-
nProtect;2009.1.8.0;2009.08.13;-
Panda;10.0.0.14;2009.08.13;Generic Malware
PCTools;4.4.2.0;2009.08.12;-
Prevx;3.0;2009.08.13;-
Rising;21.42.34.00;2009.08.13;-
Sophos;4.44.0;2009.08.13;-
Sunbelt;3.2.1858.2;2009.08.13;-
Symantec;1.4.4.12;2009.08.13;Trojan Horse
TheHacker;6.3.4.3.383;2009.08.13;-
TrendMicro;8.950.0.1094;2009.08.13;-
VBA32;3.12.10.9;2009.08.13;P2P-Worm.Win32.Bacteraloh.bp
ViRobot;2009.8.13.1883;2009.08.13;-
VirusBuster;4.6.5.0;2009.08.13;-
Information additionnelle
File size: 5842944 bytes
MD5 : 8b8ed76eb4a0dae269d7e5ce64706d97
SHA1 : 94b8e60d2f6084111878b031c1fce349cd3d449e
SHA256: 190be574aa85875dc440d82eeae009fe9c6cad1f480929c6b1ef50e5442abdd8
TrID : File type identification<BR>Microsoft Windows Installer (85.6%)<BR>Windows SDK Setup Transform Script (5.8%)<BR>Microsoft PowerPoint document (2.9%)<BR>Microsoft Excel sheet (2.8%)<BR>CaseWare 2005 Compressed file (1.9%)
ssdeep: 98304:Vpfc6iIelxVe26Xtxb2e8GegLxmeO0H4g9FaYBaW0+TkAe8TaaddoaaF471aR817:VNcZIehe2Ne8Geg0eOfsRboA7XyF
PEiD : -
RDS : NSRL Reference Data Set<BR>-
Salut,
fais ceci donc :
Télécharge OTM (de Old_Timer) sur ton Bureau.
http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/
* Double clique sur "OTM.exe" pour ouvrir le prg .
* Ensuite rends toi sur cette page > https://www.cjoint.com/?iol2LCzKvu
* Puis copie tout le texte qui s' y trouve et colle le dans le cadre de gauche de OTM :
Paste Instructions for items to be moved.
(ne touche à rien d'autre !)
! Déconnecte toi et ferme toutes tes applications en cours ( navigateur compris ) !
-> clique sur MoveIt! pour lancer la suppression.
-> laisse travailler l'outil ...
-> une fois finis , un petite fenêtre s'ouvre : clique sur " Yes " .
Ton PC va redémarrer de lui même pour finir la suppression ...
Lors du redémarrage , si on te demande d'autoriser l'exécution d' OTM , accepte ( pour que l'outil finisse son boulot ... ).
-->Poste le contenu du rapport qui se trouve dans le dossier "C:\_OTM\MovedFiles"
( " xxxx2009_xxxxxx.log " où les "x" correspondent au jour et à l'heure de l'utilisation ).
fais ceci donc :
Télécharge OTM (de Old_Timer) sur ton Bureau.
http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/
* Double clique sur "OTM.exe" pour ouvrir le prg .
* Ensuite rends toi sur cette page > https://www.cjoint.com/?iol2LCzKvu
* Puis copie tout le texte qui s' y trouve et colle le dans le cadre de gauche de OTM :
Paste Instructions for items to be moved.
(ne touche à rien d'autre !)
! Déconnecte toi et ferme toutes tes applications en cours ( navigateur compris ) !
-> clique sur MoveIt! pour lancer la suppression.
-> laisse travailler l'outil ...
-> une fois finis , un petite fenêtre s'ouvre : clique sur " Yes " .
Ton PC va redémarrer de lui même pour finir la suppression ...
Lors du redémarrage , si on te demande d'autoriser l'exécution d' OTM , accepte ( pour que l'outil finisse son boulot ... ).
-->Poste le contenu du rapport qui se trouve dans le dossier "C:\_OTM\MovedFiles"
( " xxxx2009_xxxxxx.log " où les "x" correspondent au jour et à l'heure de l'utilisation ).
salut,
voici le rapport log otm, je dois m'absenter jusque dimanche AM je te recontacterai, le pc rame toujours autant au chargement de la session (environ 6 à 7 mn) pour aller jusque connexion internet,
bon courage
All processes killed
========== FILES ==========
C:\WINDOWS\Installer\{91E3040C-6000-11D3-8CFE-0150048383C9}\inficon.0xe moved successfully.
C:\WINDOWS\Installer\458b4.msi moved successfully.
C:\WINDOWS\Installer\{91E3040C-6000-11D3-8CFE-0150048383C9}\inficon.exe moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: All Users
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 49286 bytes
User: Yves
->Temp folder emptied: 1416963 bytes
->Temporary Internet Files folder emptied: 286305853 bytes
->Java cache emptied: 1341836 bytes
User: Sylvain
->Temp folder emptied: 672846 bytes
->Temporary Internet Files folder emptied: 71994747 bytes
->Java cache emptied: 3846668 bytes
User: yves_2
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Camille
->Temp folder emptied: 296385 bytes
->Temporary Internet Files folder emptied: 115642 bytes
User: yves_2.ACER-E3B0141A93
->Temp folder emptied: 36923349 bytes
->Temporary Internet Files folder emptied: 54058326 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 22392223 bytes
%systemdrive% .tmp files removed: 0 bytes
C:\WINDOWS\msdownld.tmp folder deleted successfully.
%systemroot% .tmp files removed: 20593 bytes
%systemroot%\System32 .tmp files removed: 2676224 bytes
Windows Temp folder emptied: 31529 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 459,84 mb
OTM by OldTimer - Version 3.0.0.6 log created on 08142009_142906
Files moved on Reboot...
Registry entries deleted on Reboot...
voici le rapport log otm, je dois m'absenter jusque dimanche AM je te recontacterai, le pc rame toujours autant au chargement de la session (environ 6 à 7 mn) pour aller jusque connexion internet,
bon courage
All processes killed
========== FILES ==========
C:\WINDOWS\Installer\{91E3040C-6000-11D3-8CFE-0150048383C9}\inficon.0xe moved successfully.
C:\WINDOWS\Installer\458b4.msi moved successfully.
C:\WINDOWS\Installer\{91E3040C-6000-11D3-8CFE-0150048383C9}\inficon.exe moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: All Users
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 49286 bytes
User: Yves
->Temp folder emptied: 1416963 bytes
->Temporary Internet Files folder emptied: 286305853 bytes
->Java cache emptied: 1341836 bytes
User: Sylvain
->Temp folder emptied: 672846 bytes
->Temporary Internet Files folder emptied: 71994747 bytes
->Java cache emptied: 3846668 bytes
User: yves_2
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Camille
->Temp folder emptied: 296385 bytes
->Temporary Internet Files folder emptied: 115642 bytes
User: yves_2.ACER-E3B0141A93
->Temp folder emptied: 36923349 bytes
->Temporary Internet Files folder emptied: 54058326 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 22392223 bytes
%systemdrive% .tmp files removed: 0 bytes
C:\WINDOWS\msdownld.tmp folder deleted successfully.
%systemroot% .tmp files removed: 20593 bytes
%systemroot%\System32 .tmp files removed: 2676224 bytes
Windows Temp folder emptied: 31529 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 459,84 mb
OTM by OldTimer - Version 3.0.0.6 log created on 08142009_142906
Files moved on Reboot...
Registry entries deleted on Reboot...
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
re,
bien ...
ton PC rame surtout à cause du "gestionnaire orange" et tout le tremblement .... je te conseille de le supprimer ....
> https://www.commentcamarche.net/faq/4868-desactiver-le-gestionnaire-orange-wanadoo
ensuite, il faudrait peut-être aussi supprimé ta session et en recréer un autre ...
Dis moi ce que cela a donnée et on poursuit ....
bien ...
ton PC rame surtout à cause du "gestionnaire orange" et tout le tremblement .... je te conseille de le supprimer ....
> https://www.commentcamarche.net/faq/4868-desactiver-le-gestionnaire-orange-wanadoo
ensuite, il faudrait peut-être aussi supprimé ta session et en recréer un autre ...
Dis moi ce que cela a donnée et on poursuit ....
