puis je detruire scvhost.exe Résolu/Fermé

Question

'ai telecharge Wintask 5 qui m'apprend que je dois supprimer ce
svchost.exe parce qu'il a une faille et qu'il n'est pas essentiel pour mon ordi ; j'aimerai vos conseils , entendu que je ne sais absolument pas demarrer en mode sans echec , trafiquer avec le ""run " :-), reecrire , etc ..etc ..
Puis je bloquer ce processeur a l'aide de win task ?
puis je detruire ce svchost.exe ?
Je possede le win Task pour 15 jours seulement en version essai ;
mon anti virus , anti spy ,, etc n'ont rien remarque mais je trouve mon ordi bien patraque , lent , ...
Merci de vos conseils aimables et pro

Dina

Configuration: Windows XP
Mozilla 1.7.8

Silvio6 · Answer

Salut,

Non, svchost est utilisé par Windows, chaque fois qu'il en a besoin.

Cherche ton problème ailleurs.

Essaie un autre antivirus/antispyware (avg, spyware search and destroy), ajoute de la memoire, defragmente ton disque

Darkkiller · Answer

Attention

Ne confondés pas scvhost qui est un trojan et svchost qui est un processus important au bon fonctionnement de ton ordinateur.

papynard · Answer

Bonsoir,

Bien que je ne sois qu'un néophyte en matière d'informatique, je crois qu'il serait dangereux de supprimer svchost qui est un fichier système

Darkkiller · Answer

Exactement,

Mais a ne pas confondre avec scvhost !!

papynard · Answer

Tu as écrit scvhost.exe  en titre du message et svchost dans le discussion, peux(tu confirmer lequel des deux ton Wintask 5 t'a demandé de supprimer.

Darkkiller · Answer

Oui,

Car scvhost ou svhost (qui sont infectés par le ver MyDoom)

papynard · Answer

Tu peux essayer ccleaner qui un excellent nettoyeur: https://www.01net.com/outils/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/tele32599.html

philae83 · Answer

bonsoir,

si je peux me permettre, peut être télécharger hijackthis et on verrait duquel il s'agit

* Télécharge  HijackThis  et poste le rapport stp

http://pchelpbordeaux.free.fr/logiciels.html
Tutorial
http://pchelpbordeaux.free.fr/tuto.html
Démo en image
http://pageperso.aol.fr/balltrap34/demohijack.htm

dinamob · Answer

OUI; je le fais tout de suite ; je telecharge Hijack...
merci 
Dina

dinamob · Answer

Lorsque je veux telecharher Hikack , je recois une console qui me dit qu'il y a un virus ; je ne peux donc pas telcharger highkjak ;
quelle plaie ....
Dina 
Je vais essayer de le telcharger d'un autre site;
je vous remercie vraiment pour vos aides aimables et presentes ;
Dina

philae83 · Answer

bonsoir

Lorsque je veux telecharher Hikack , je recois une console qui me dit qu'il y a un virus ; je ne peux donc pas telcharger highkjak ;
quelle plaie .... 

la console qui te donne cette indication vient d'où ?
c'est écrit quoi exactement stp

est-ce que tu peux télécharger d'autre logiciels comme celui ci par ex
* Télécharge CCleaner.

https://www.pcastuces.com/logitheque/ccleaner.htm

Installe le dans un répertoire dédié.

Décoche pendant l'installation

--- les deux cases "Ajouter l'option ... "

--- Contrôler les mises à jour

--- Ajouter la Barre d'Outils Yahoo! CCleaner

* Lance Ccleaner pour un nettoyage complet.

dinamob · Answer

Bonjour

J'ai telecharge hijack sur  01 ; voici le resultat  de ce scann hyper rapide ..
Merci de  dechiffrer pour moi ce resultat ;
Dina

Logfile of HijackThis v1.99.1
Scan saved at 01:15:02, on 06/04/2007
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AntiVir PersonalEdition 

Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 

7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\MOZILLA.ORG\MOZILLA\MOZILLA.EXE
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\francoise\Local 

Settings\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet 

Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet 

Explorer\Main,Start Page = 

http://www.goop.co.il/emule/homepage.html
R3 - URLSearchHook: (no name) - _

{5038FED1-CEFE-11D2-9E74-00A0C945A948} - (no file)
O2 - BHO: AcroIEHlprObj Class - 

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program 

Files\Adobe\Acrobat 

5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - 

{1E81433E-C456-C592-A3C7-4D09F0AB1361} - 

C:\DOCUME~1\Eden\APPLIC~1\VCRDR~1\DogSlow.exe (file 

missing)
O2 - BHO: Hook Class - 

{54C0674F-55D7-4F11-9A97-6650526B783B} - 

C:\WINDOWS\System32\ppc.dll
O2 - BHO: SSVHelper Class - 

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program 

Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - 

{8E718888-423F-11D2-876E-00A0C9082467} - 

C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [QuickTime Task] "C:\qttask.exe" 

-atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] 

%systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\RunServices: [Microsoft System Checkup] 

libsysmgr.exe
O4 - HKCU\..\Run: [Mozilla Quick Launch] 

"C:\PROGRA~1\MOZILLA.ORG\MOZILLA\MOZILLA.EXE" -turbo
O6 - HKCU\Software\Policies\Microsoft\Internet 

Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet 

Explorer\Restrictions present
O9 - Extra button: (no name) - 

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program 

Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - 

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program 

Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ Pro - 

{6224f700-cba3-4071-b251-47cb894244cd} - 

C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - 

{6224f700-cba3-4071-b251-47cb894244cd} - 

C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: ICQ Lite - 

{B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program 

Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - 

{B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program 

Files\ICQLite\ICQLite.exe
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} 

(France Telecom MDM ActiveX Control) - 

http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} 

(Windows Genuine Advantage Validation Tool) - 

http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {21F49842-BFA9-11D2-A89C-00104B62BDDA} 

(ChartFX Internet Control) - 

https://service.pelephone.co.il/WebPhone/jsp/Client/C

fxIEAx.cab
O16 - DPF: {2A32B14F-4D29-4EA3-AC54-E9B19F436CE7} 

(Scanner Class) - 

http://techgenix.com/security/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} 

(MSN Photo Upload Tool) - 

http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpl

d.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} 

(WUWebControl Class) - 

http://update.microsoft.com/windowsupdate/v6/V5Contro

ls/en/x86/client/wuweb_site.cab?1143170103546
O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} 

(Install Class) - 

http://updates.lifescapeinc.com/installers/pinstall/p

install.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} 

(ActiveScan Installer Class) - 

https://www.pandasecurity.com/?ref=www.pandasoftware.com/activescan/as5/asinst.ca

b
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} 

(Aurigma Image Uploader 3.5 Control) - 

http://showme.co.il
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} 

(MsnMessengerSetupDownloadControl Class) - 

http://messenger.msn.com/download/msnmessengersetupdo

wnloader.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} 

(a-squared Scanner) - 

http://ax.emsisoft.com/asquared.cab
O16 - DPF: {D79B6F43-F214-4E7A-9ECB-CCC8771F2416} 

(LauncherV1 Class) - 

http://www.tapuz.co.il/irc/main/launcher.cab
O16 - DPF: {EC9C20C4-FF24-11D3-81B7-00902776CF54} 

(InstallerActiveX Class) - 

http://www.netex.co.il/site/Installer.CAB
O16 - DPF: {F59AB0C4-3443-4551-A78F-C101F9DE0215} 

(LauncherV1 Class) - 

http://irc.nana.co.il/Cabs/launcher39.cab
O17 - 

HKLM\System\CCS\Services\Tcpip\..\{C9D7A8AB-D5DF-468B

-A94E-D4E7B80AD636}: NameServer = 212.116.161.40 

84.95.14.250
O18 - Protocol: msnim - 

{828030A1-22C1-4009-854F-8E305202313F} - 

"C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs:  evenncob.dll e1.dll
O20 - Winlogon Notify: sysshtic - 

C:\WINDOWS\System32\sysshtic.dll (file missing)
O23 - Service: AntiVir PersonalEdition Classic 

Service (AntiVirService) - AVIRA GmbH - C:\Program 

Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware 

Development a.s. - C:\Program Files\Grisoft\AVG 

Anti-Spyware 7.5\guard.exe
O23 - Service: Maay - Unknown owner - C:\Program 

Files\Maay\maay.exe

  
:-)

philae83 · Answer

bonsoir,

windows pas à jour
pas d'antivirus
pas de parefeu.

et infecté évidemment.....

commence par télécharger un parefeu ET un antivirus, après peut être qu'on pourra nettoyer qq chose

je prépare la suite

dinamob · Answer

Ce hijack est en anglais , il est donc difficile pour moi de le configurer intelligement ;
Dina

philae83 · Answer

quand tu auras donc installé antivirus+parefeu,
tu pourras faire la suite

* réinstalle hijackthis correctement il ne doit pas être dans les fichiers temporaires
C:\Documents and Settings\francoise\LocalSettings\Temp\HijackThis.exe 

puis

* Télécharge CCleaner.

https://www.pcastuces.com/logitheque/ccleaner.htm

Installe le dans un répertoire dédié.

Décoche pendant l'installation

--- les deux cases "Ajouter l'option ... "

--- Contrôler les mises à jour

--- Ajouter la Barre d'Outils Yahoo! CCleaner

et

* télécharge AVG Anti-Spyware (ewido)

https://www.avg.com/en-ww/free-antivirus-download

* tu l'installes

* lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente

et

Télécharge OTMoveIt (de Old_Timer) sur ton Bureau.
http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe



puis

Démarrer "Exécuter…" puis Tape "services.msc" et valide par  OK
la fenêtre des Services s'ouvre => vérifier dans la partie inférieure que l'onglet "Etendu" est bien sélectionné, sinon faites le.

Maay 
et le chemin
C:\Program Files\Maay\maay.exe

- Dans la colonne "Nom", DOUBLE CLIQUE sur le service noté en GRAS ci dessus, pour faire apparaître "Propriétés".
- Vérifie dans "Chemin d'accès des fichiers exécutables" qu'il s'agit bien de l'emplacement souligné.
- Puis clique sur Arrêter
- Dans le menu déroulant "Type de démarrage", sélectionne "Désactivé".
- valide la modification par OK
- Ferme la fenêtre des Services.

puis

Ouvre HijackThis---open the misc tool section>Misc tools>delete an NT service.
Dans l'invite de commande, entre : Maay 
Valide.

puis



* lance hijackthis "do a system scan only" puis coche ces lignes :

 R3 - URLSearchHook: (no name) - _ {5038FED1-CEFE-11D2-9E74-00A0C945A948} - (no file) 
O2 - BHO: (no name) - {1E81433E-C456-C592-A3C7-4D09F0AB1361} - 
C:\DOCUME~1\Eden\APPLIC~1\VCRDR~1\DogSlow.exe (file missing) 
O2 - BHO: Hook Class - {54C0674F-55D7-4F11-9A97-6650526B783B} - 
C:\WINDOWS\System32\ppc.dll 
 O4 - HKLM\..\RunServices: [Microsoft System Checkup] libsysmgr.exe 
+ toutes les lignes 016
O20 - AppInit_DLLs: evenncob.dll e1.dll 
O20 - Winlogon Notify: sysshtic - C:\WINDOWS\System32\sysshtic.dll (file missing) 
 O23 - Service: Maay - Unknown owner - C:\Program 
Files\Maay\maay.exe

* ferme toutes les applications ouvertes y compris internet explorer et clique sur "fix checked"

puis

double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

C:\Program Files\Maay\maay.exe
C:\WINDOWS\System32\sysshtic.dll 
C:\WINDOWS\System32\ppc.dll 
C:\WINDOWS\System32\libsysmgr.exe 

clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre Results.
clique sur Exit pour fermer.
poste le rapport situé dans C:\\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.
si c'est le cas accepte par Yes.

puis

Lance AVG Anti-Spyware

Clique sur le bouton Analyse (de la barre d'outils)

puis fait dans l'ordre stp. Tu sauvegardes le rapport APRES avoir mis les actions.

Puis sur l'onglet Paramètres,
sous : "Comment réagir "clique sur Actions recommandées. Sélectionne Quarantaine.

Reviens à l'onglet Analyse. Clique sur Analyse complète du système.

A la fin du scan, choisis l'option 3

"Appliquer toutes les actions " en bas.

Clique sur "Enregistrer le rapport".

Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.

Poste le.

* lance Ccleaner pour un nettoyage complet

* revient avec les rapports demandés ainsi qu'un nouveau rapport hijackthis

dinamob · Answer

Je te remercie de ton aide ; quel anti virus me conseilles tu et quel pare feu ?
Dina 
Je ferai tout ce que tu demandes mais sois patient s'il te plait ;
j'ai pour l'instant desinstalle May qui ne me servait a rien ; je ne sais pas pourquoi j'avais telecharge ce programme ;
quel anti virus telecharge et quel pare feu 
Dina

Djo La Force · Answer

Salut

Comme anti virus, essaie Avast ou AVG

Pour le pare-feu, Kerio Personnal Firewall est formidable

Sinon, spybot est super aussi

Voilà

Salut

dinamob · Answer

Bonsoir Philea J'ai enfin termine ces mises aux points ; j'espere que nous ne toirnerons pas en rond ; merci Philea ; <<< bonsoir, windows pas à jour pas d'antivirus pas de parefeu.>> et infecté évidemment..... Je suis desolee Philea[83] mais je ne peux pas mettre a jour Windows , il me semble, car la version posee dans mon ordinateur a ete a mon insue une version pirate ; peut -etre as -tu une idee pour contourner cette defaillance ? pas d'antivirus J'ai telecharge Avira Antivir :-) pas de parefeu. J'ai telecharge Kelio personnal firewall:-) J'ai a nouveau telecharge Hijackthis mais je dois le copier dans -programme files -car il s'est a nouveau pose dans -Temp- ; Voici tous les rapports , ci-dessous , que je peux te soumettre ce soir ; peut -etre auras tu la gentilesse de les lire ces jours et me dire si je suis sur la bonne voie . Amicalement Dina Logfile of HijackThis v1.99.1 Scan saved at 01:22:48, on 11/04/2007 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\PROGRA~1\MOZILLA.ORG\MOZILLA\MOZILLA.EXE C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\WINZIP\winzip32.exe C:\WINDOWS\system32 otepad.exe C:\Program Files\Hijackthis Version Franחaise\hijackthis vf.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.goop.co.il/emule/homepage.html O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [QuickTime Task] "C:\qttask.exe" -atboottime O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\PROGRA~1\MOZILLA.ORG\MOZILLA\MOZILLA.EXE" -turbo O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{C9D7A8AB-D5DF-468B-A94E-D4E7B80AD636}: NameServer = 212.116.161.40 84.95.14.250 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe ===================================================== 4/10/07 10:00:40. ... C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\2B9AFA95d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\AE94C69Bd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\D1E7D714d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\9E05A1ABd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\0BF887FEd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\8B942F3Ed01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\60F41086d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\F21F9430d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\AF11AE26d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\D9BDE63Cd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\9FB34C11d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\47549088d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\1A7526B4d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\71F7D62Fd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\E194A1F0d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\E6B5A1C7d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\6D134D35d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\838B48C5d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\9E756687d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\765972E0d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\7CB87FA8d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\96E4D29Ad01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\F6BC89BEd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\5F10E86Fd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\5F11E86Fd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\7FCC2861d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\4DD0D449d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\43FA6921d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\09CE0E94d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\E9A75766d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\A754D50Bd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\03C1FFE2d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\7D7D9A3Bd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\7575A376d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\D868A670d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\4B662D6Cd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\6ADA8DBCd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\CB482D6Dd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\40962D6Cd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\B6798DD3d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\6AD98DBCd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\B4998DCBd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\09798DD3d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\F761A555d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\CDFDEDB7d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\415F2F3Ed01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\6F1116E9d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\4F1105F7d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\CE57EE63d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\D41E80D5d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\B14018ADd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\AD57A473d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\245FC8CDd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\8F764473d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\FF79DCAEd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\07F39938d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\F20CAC10d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\BAE976C0d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\B22F560Ad01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\C152C4A8d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\1F11D6B0d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\72E9622Dd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\8B48BD5Fd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\13D54ADDd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\35E59931d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\89A5BA4Bd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\E7694144d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\16F1046Fd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\1C101E0Cd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\0D71DA71d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\01A8598Ed01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\B0C32C5Ad01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\8384C5F0d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\05F0B121d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\22F0B221d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\7580ED35d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\47BA5703d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\EE4CD2F5d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\AD438BF6d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\D09C9F9Ed01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\02DFABC5d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\8B78AE95d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\64FBC148d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\A20EF2ABd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\010F5814d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\5C916F83d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\A000D8F7d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\5C949B9Fd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\A6B8B232d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\6C3A994Fd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\B526E5ABd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\784D53A5d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\6DF4F510d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\1CF7DBEDd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\EBFA624Ad01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\D506F0E5d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\8AF087C7d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\7C10C3C3d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\DC1DB316d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\0154CCB8d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\ED23BA46d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\2469E6EFd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\B0072AE1d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\083DC8EBd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\13C539EBd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\2EF5A0C5d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\21B9C814d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\83696BA5d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\E46F60E5d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\696265EEd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\9A55971Dd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\D3E3849Bd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\093C2B00d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\2AB5D2D0d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\6AA7301Cd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\245CAFA2d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\4EDA0623d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\BFF9E234d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\543136E1d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\45CAFA61d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\D62215FFd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\42386A52d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\F4650905d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\04077D1Dd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\20D3C30Cd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\88F2642Ed01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\417F2943d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\24EAAD6Cd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\24E8AD6Ad01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\3CB491DAd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\B4D9923Ad01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\8C54673Ed01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\66357A79d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\7121573Ed01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\552634AFd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\503AF484d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\60683D47d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\4D9C386Ed01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\BE2AD839d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\6BCD7E36d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\D32BAFD1d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\C80C1015d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\285F263Ed01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\2E812628d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\FB425F9Dd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\6C4ABBA9d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\7D7167B1d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\FE57841Fd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\DFDCA0D4d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\2509C2E9d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\BBE5F62Dd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\C1EA7145d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\173FFE78d01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\F82B70BAd01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\13A2362Ed01 - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\history.dat currently in use. Will be deleted when Windows is restarted. C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\oldprefs.js - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\oldlocalstore.rdf - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\cookies.txt.old - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\_CACHE_MAP_ currently in use. Will be deleted when Windows is restarted. C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\_CACHE_001_ currently in use. Will be deleted when Windows is restarted. C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\_CACHE_002_ currently in use. Will be deleted when Windows is restarted. C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\Cache\_CACHE_003_ currently in use. Will be deleted when Windows is restarted. C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\history.dat currently in use. Will be deleted when Windows is restarted. C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\oldprefs.js - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\oldlocalstore.rdf - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\cookies.txt.old - deleted C:\Documents and Settings\francoise\Application Data\Mozilla\Firefox\Profiles\ebkmjvg1.default\cookies.txt.old - deleted C:\Documents and Settings\francoise\Recent\hijackthis.lnk - deleted C:\Documents and Settings\francoise\Recent\NewTech.lnk - deleted C:\Documents and Settings\francoise\Recent\OTMOVIT.lnk - deleted C:\Documents and Settings\francoise\Recent\ASP_10_04_07.lnk - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\~DFBED2.tmp - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\HijackThis.exe - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055730-989 - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055730-860 - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055730-325.dll - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055730-325 - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055730-243 - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055730-729.inf - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055730-729.dll - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055730-729 - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055732-872.inf - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055732-872.dll - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055732-872 - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055733-851.inf - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055733-851.dll - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055733-851 - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055734-700.inf - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055734-700 - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055734-633.inf - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055734-633.dll - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055734-633 - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055735-307.inf - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055735-307.dll - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055735-307 - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055735-604 - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055736-644.inf - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055736-644.dll - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055736-644 - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055736-374.inf - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055736-374.dll - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055736-374 - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055737-158.inf - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055737-158.dll - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055737-158 - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055737-615.dll - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055737-615 - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055738-749 - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055739-264.dll - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055739-264 - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055739-917 - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\backup-20070410-055756-438 - deleted C:\DOCUME~1\FRANCO~1\LOCALS~1\Temp\backups\ - deleted C:\Documents and Settings\francoise\Cookies\index.dat currently in use. Will be deleted when Windows is restarted. C:\Documents and Settings\francoise\locals~1 empor~1\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted. C:\Documents and Settings\francoise\Cookies\index.dat currently in use. Will be deleted when Windows is restarted. C:\Documents and Settings\francoise\Local Settings\History\History.IE5\index.dat currently in use. Will be deleted when Windows is restarted. C:\Documents and Settings\francoise\Local Settings\History\History.IE5\MSHist012007041020070411\index.dat currently in use. Will be deleted when Windows is restarted. C:\Documents and Settings\francoise\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted. C:\Documents and Settings\LocalService\Cookies\index.dat currently in use. Will be deleted when Windows is restarted. C:\Documents and Settings\LocalService\locals~1 empor~1\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted. C:\Documents and Settings\LocalService\Cookies\index.dat currently in use. Will be deleted when Windows is restarted. C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat currently in use. Will be deleted when Windows is restarted. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted. C:\WINDOWS\Prefetch\MOZILLA.EXE-218B86F4.pf - deleted C:\WINDOWS\Prefetch\AVCENTER.EXE-12CB2D60.pf - deleted C:\WINDOWS\Prefetch\AVCONFIG.EXE-0E97D553.pf - deleted C:\WINDOWS\Prefetch\AVGAS.EXE-27525987.pf - deleted C:\WINDOWS\Prefetch\WINZIP32.EXE-382A5A28.pf - deleted C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-13586BA5.pf - deleted C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf - deleted C:\WINDOWS\Prefetch\ICQLITE.EXE-2D093781.pf - deleted C:\WINDOWS\Prefetch\REGEDIT.EXE-1B606482.pf - deleted C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf - deleted C:\WINDOWS\Prefetch\OTMOVEIT.EXE-2B560A5D.pf - deleted C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf - deleted C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf - deleted C:\WINDOWS\Prefetch\Layout.ini - deleted C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf - deleted C:\WINDOWS\Prefetch\DFRGFAT.EXE-03D95883.pf - deleted C:\WINDOWS\Prefetch\GUARDGUI.EXE-1EE08CA2.pf - deleted C:\WINDOWS\Prefetch\CLEANUP.EXE-1B0F5664.pf - deleted C:\WINDOWS\system32\CatRoot2\edb.chk - deleted C:\WINDOWS\security\edb.chk - deleted C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat currently in use. Will be deleted when Windows is restarted. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted. C:\Documents and Settings\LocalService\Cookies\index.dat currently in use. Will be deleted when Windows is restarted. C:\Documents and Settings\francoise\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted. C:\Documents and Settings\francoise\Local Settings\History\History.IE5\index.dat currently in use. Will be deleted when Windows is restarted. C:\Documents and Settings\francoise\Local Settings\History\History.IE5\MSHist012007041020070411\index.dat currently in use. Will be deleted when Windows is restarted. C:\Documents and Settings\francoise\Cookies\index.dat currently in use. Will be deleted when Windows is restarted. C:\Documents and Settings\francoise\UserData\index.dat - deleted C:\Program Files\Goop.co.il\Fire eMule 7\downloads.bak - deleted C:\Program Files\Goop.co.il\Fire eMule 7\config\clients.met.bak - deleted C:\Program Files\Goop.co.il\Fire eMule 7\Temp\004.part.met.bak - deleted C:\Program Files\Goop.co.il\Fire eMule 7\Temp\013.part.met.bak - deleted C:\Program Files\Goop.co.il\Fire eMule 7\Temp\010.part.met.bak - deleted C:\Program Files\Goop.co.il\Fire eMule 7\Temp\002.part.met.bak - deleted C:\Program Files\Goop.co.il\Fire eMule 7\Temp\003.part.met.bak - deleted C:\Program Files\Goop.co.il\Fire eMule 7\Temp\006.part.met.bak - deleted C:\Program Files\Goop.co.il\Fire eMule 7\Temp\005.part.met.bak - deleted C:\Program Files\Goop.co.il\Fire eMule 7\Temp\008.part.met.bak - deleted C:\Program Files\Kerio\Personal Firewall 4\Config\kpf.cfg.bak - deleted C:\FOUND.113\FILE0000.CHK - deleted 'Run MRU' list - removed from the registry. Paint Recent File List - removed from the registry. WordPad Recent File List - removed from the registry. Telnet's MRU list - removed from the registry. WinZip Extract MRU list - removed from the registry. WinZip File MRU list - removed from the registry. CleanUp! 4.0 recovered 39.0 MB of disk space from 1332 files. CleanUp! finished on 04/10/07 10:02:29. ================================================== Suite >>>>

dinamob · Answer

AntiVir PersonalEdition Classic
Report file date: &#1497;&#1493;&#1501; &#1513;&#1500;&#1497;&#1513;&#1497; 10 &#1488;&#1508;&#1512;&#1497;&#1500; 2007  15:02

Scanning for 730165 virus strains and unwanted programs.

Licensed to:      Avira AntiVir PersonalEdition Classic
Serial number:    0000149996-ADJIE-0001
Platform:         Windows XP
Windows version:  (plain)  [5.1.2600]
Username:         francoise
Computer name:    CITY-W5K391PQVY

Version information:
BUILD.DAT    : 217           12749 Bytes  05/12/2006 17:00:00
AVSCAN.EXE   : 7.0.3.5      208936 Bytes  09/04/2007 18:05:16
AVSCAN.DLL   : 7.0.3.1       35880 Bytes  05/12/2006 15:00:24
LUKE.DLL     : 7.0.3.2      143400 Bytes  31/10/2006 15:07:48
LUKERES.DLL  : 7.0.2.0        9256 Bytes  05/12/2006 15:00:24
ANTIVIR0.VDF : 6.35.0.1    7371264 Bytes  31/05/2006 14:30:08
ANTIVIR1.VDF : 6.37.1.151  4303360 Bytes  23/02/2007 18:05:18
ANTIVIR2.VDF : 6.38.0.186   608768 Bytes  06/04/2007 18:05:18
ANTIVIR3.VDF : 6.38.0.196    34304 Bytes  10/04/2007 10:11:18
AVEWIN32.DLL : 7.3.1.48    2388480 Bytes  09/04/2007 18:05:24
AVPREF.DLL   : 7.0.2.0       23592 Bytes  03/11/2006 09:53:46
AVREP.DLL    : 6.38.0.90   1204264 Bytes  09/04/2007 18:05:20
AVRPBASE.DLL : 7.0.0.0     2162728 Bytes  30/03/2006 07:43:32
AVPACK32.DLL : 7.3.0.8      360488 Bytes  09/04/2007 18:05:24
AVREG.DLL    : 7.0.1.2       30760 Bytes  09/04/2007 18:05:16
NETNT.DLL    : No Information!
RCIMAGE.DLL  : 7.0.1.3     2097192 Bytes  08/11/2006 11:26:28
RCTEXT.DLL   : 7.0.12.1      77864 Bytes  05/12/2006 15:00:22

Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:, 
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: &#1497;&#1493;&#1501; &#1513;&#1500;&#1497;&#1513;&#1497; 10 &#1488;&#1508;&#1512;&#1497;&#1500; 2007  15:02

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Modules have been scanned
Scan process 'avscan.exe' - '1' Modules have been scanned
Scan process 'miranda32.exe' - '1' Modules have been scanned
Scan process 'avcenter.exe' - '1' Modules have been scanned
Scan process 'avgnt.exe' - '1' Modules have been scanned
Scan process 'MOZILLA.EXE' - '1' Modules have been scanned
Scan process 'avgas.exe' - '1' Modules have been scanned
Scan process 'Explorer.EXE' - '1' Modules have been scanned
Scan process 'kpf4gui.exe' - '1' Modules have been scanned
Scan process 'kpf4gui.exe' - '1' Modules have been scanned
Scan process 'MsPMSPSv.exe' - '1' Modules have been scanned
Scan process 'wdfmgr.exe' - '1' Modules have been scanned
Scan process 'svchost.exe' - '1' Modules have been scanned
Scan process 'kpf4ss.exe' - '1' Modules have been scanned
Scan process 'avguard.exe' - '1' Modules have been scanned
Scan process 'sched.exe' - '1' Modules have been scanned
Scan process 'svchost.exe' - '1' Modules have been scanned
Scan process 'svchost.exe' - '1' Modules have been scanned
Scan process 'svchost.exe' - '1' Modules have been scanned
Scan process 'svchost.exe' - '1' Modules have been scanned
Scan process 'lsass.exe' - '1' Modules have been scanned
Scan process 'services.exe' - '1' Modules have been scanned
Scan process 'winlogon.exe' - '1' Modules have been scanned
Scan process 'csrss.exe' - '1' Modules have been scanned
Scan process 'smss.exe' - '1' Modules have been scanned
25 processes with 25 modules were scanned

Start scanning boot sectors:
Boot sector 'A:\'
      [NOTE]      In the drive 'A:\' no data medium is inserted!
Boot sector 'C:\'
      [NOTE]      No virus was found!

Starting to scan the registry.
The registry was scanned ( 9 files ).


Starting the file scan:

Begin scan in 'A:\'
The path A:\ could not be found!
The device is not ready.

Begin scan in 'C:\'
C:\pagefile.sys
      [WARNING]   The file could not be opened!
C:\hiberfil.sys
      [WARNING]   The file could not be opened!
Begin scan in 'D:\'
The path D:\ could not be found!
The device is not ready.



End of the scan: &#1497;&#1493;&#1501; &#1513;&#1500;&#1497;&#1513;&#1497; 10 &#1488;&#1508;&#1512;&#1497;&#1500; 2007  16:27
Used time:  1:25:48 min

The scan has been done completely.

   5173 Scanning directories
 150967 Files were scanned
      0 viruses and/or unwanted programs were found
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      2 Files cannot be scanned
 150967 Files not concerned
   1433 Archives were scanned
      2 Warnings
      0 Notes
===================================================
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

 + Created at:	08:31:59 10/04/2007

 + Scan result:	



C:\WINDOWS\system32\1171480601.exe -> Adware.BHO : Cleaned with backup (quarantined).
:mozilla.6:C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.18:C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.19:C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.


::Report end
===========================================
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

 + Created at:	08:31:59 10/04/2007

 + Scan result:	



C:\WINDOWS\system32\1171480601.exe -> Adware.BHO : Cleaned with backup (quarantined).
:mozilla.6:C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.18:C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.19:C:\Documents and Settings\francoise\Application Data\Mozilla\Profiles\default\gqaon9zy.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.


::Report end

==========================================
OTMOVIT

File/Folder C:\Program Files\Maay\maay.exe not found.
File/Folder C:\WINDOWS\System32\sysshtic.dll not found.
File/Folder C:\WINDOWS\System32\ppc.dll not found.
File/Folder C:\WINDOWS\System32\libsysmgr.exe not found.
 
Created on 04/10/2007 06:03:04

===================

Merci de ton attention qui m'est precieuse ;

Dina

philae83 · Answer

bonsoir,

peut -etre as -tu une idee pour contourner cette defaillance

non aucune à ma connaissance



pas d'antivirus

J'ai telecharge Avira Antivir :-)

parfait


pas de parefeu.

J'ai telecharge Kelio personnal firewall:-) 
parfait aussi

il semblerait que c'est pas mal du tout.
Où en es tu ? ton pc tourne t il correctement maintenant ?

il faudrait aire un scan antivirus en ligne
https://www.bitdefender.fr/
et copie colle le résultat ici
* En bas, à gauche de la fenêtre, clique sur BitDefender SCAN ONLINE
* Dans la nouvelle fenêtre, clique sur I agree
* La fenêtre change encore, clique sur Click here to scan
* Les signatures se chargent, etc.

tuto en image

http://pageperso.aol.fr/rginformatique/mapage/defender.htm

dinamob · Answer

Chere Philea 

Voici la conclusion , ci dessous , de ces jours  studieux pour le bon fonctionnement de mon ordi  ; j'ai encore bien des lacunes mais peu a peu , je peux me perfectionner ; 
tout semble en ordre ? ! , au niveau , bebetes , pandemie et autres ravages pas si mechants que ca si nous comparons nos malheurs virtuels de nantis a la misere  vers laquelle nous poussons inconscients notre planete ; 
je te remercie pour ta presence irremplacable dans mon environnement JUSQU'A LA  RESOLUTION DU PROBLEME ;

j'ai un "ennui "  au niveau de la langue et des users ; je vais rediger cette enigme puis , te la , vous ,  poster le + clairement possible ;

si je peux t'etre , vous etre , utile en echange , qui sait ? n'hesite pas a en faire la demande ;

Amicalement 

Dina Mob 






*************************************
BitDefender Online Scanner - Rapport virus en temps réel
	
Généré à: Wed, Apr 11, 2007 - 21:33:32

 Info d'analyse
	

Fichiers scannés
	178301

Infectés Fichiers
	
0
	Virus Détectés
	
Aucun virus trouvé.
	
Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.
	

 **************************************

philae83 · Answer

bonsoir, tout semble rentré dans l'ordre. au vu du dernier rapport * Tu peux supprimer tous les logiciels que nous avons utilisés qui traitent des infections spécifiques et qui sont mis à jour réguliérement. * démarrer-----------panneau de configuration------------système---------- onglet Restauration système-----------coche la case (Désactiver la restauration système)-------------- redémarre l'ordinateur réactive la ensuite * Pour améliorer la sécurité de ton PC prend quelques instants pour lire CECI * Dénonce ton infection pour faire condamner les auteurs. Crée un message pour faire avancer les choses sur Malware-Complaints, nous devons être les plus nombreux possibles, alors rends compte de ton infection : - Voir les règles du forum : https://malwarecomplaints.info/ - Après t'être enregistré à l'aide du bouton en haut se nommant "Register" Si tu as plus de 13 ans, choisir : "I Agree to these terms and am over or exactly 13 years of age" Si tu as moins, clique sur : "I Agree to these terms and am under 13 years of age" Tu as alors sous forme de liste un sujet par type d'infection (Look2Me, Smitfraud, SpywareQuake etc..). La tienne = ****** ---> https://malwarecomplaints.info/ Si le malware que tu as eu n'apparaît pas dans la liste, ou si tu ne sais pas par quoi tu étais infecté(e), crée un message dans le sujet Autres infections conforme au règle du forum (age, ville, département etc..) Indique aussi le nom du Forum qui t'a aidé, CommentCaMarche * met ton sujet en RESOLU stp, merci.

Puis je detruire scvhost.exe

22 réponses

Discussions similaires