Sujet Précédent Sujet Suivant

Pc lent,infecté...!!!

Résolu
loustick -  
 Utilisateur anonyme -
Bonjour tout le monde,
voila mon probleme:(deja je suis une vrais bille en informatique)mon ordinateur est de plus en plus long,j'ai des fenetres de pub qui s'affiche assez souvent,des fenetres qui me dise que mon ordi est infecté et quand je clic sur le lien cela m'emmene sur le net pour que je télécharge divers logiciels de sécurité,et derniere chose,mon ordi affiche une page bleu avec des écritures blanche et je suis obligé d'appuyer sur le boutton de l'UC longtemp pour l'eteindre et le rallumer car je suis bloqué,plus aucune touche ne marche.
c'est windows xp,et j'ais avast,ccleaner,spybot,ad-aware,et spyware doctor.
PS:désolé pour l'hortographe,je suis nul.
MERCI d'avance pour votre aide.
A voir également:

54 réponses

Précédent
Réponse 21 / 54
Utilisateur anonyme
 
... Redémarre et réésaye.

( coupe ton anti-virus et tes protections le temps de le faire , et ne va pas sur internet )

++
0
Réponse 22 / 54
loustick
 
voila le premier:

ComboFix 08-03-27.1 - loulou 2008-03-28 19:49:18.4 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.353 [GMT 1:00]
Endroit: C:\Documents and Settings\loulou\Bureau\combofix.exe
Command switches used :: C:\Documents and Settings\loulou\Bureau\CFScript.txt..txt
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]

FILE ::
C:\Documents and Settings\loulou\BureauTrojan.Win32.BlackBird.exe
C:\WINDOWS\kdftlboerfg.dll
C:\WINDOWS\system32\bohsdyzs.exe
C:\WINDOWS\system32\ctyvkzcz.exe
C:\WINDOWS\system32\dopedufs.exe
C:\WINDOWS\system32\mbgrcjax.exe
C:\WINDOWS\system32\twvgredq.exe
C:\WINDOWS\system32\zkjqnezg.exe
.

((((((((((((((((((((((((((((( Fichiers créés 2008-02-28 to 2008-03-28 ))))))))))))))))))))))))))))))))))))
.

2008-03-28 16:47 . 2008-03-28 03:49 <REP> d-------- C:\SDFix
2008-03-28 15:26 . 2008-03-28 15:26 <REP> d-------- C:\Program Files\Trend Micro
2008-03-27 20:28 . 2008-03-28 18:02 <REP> d-------- C:\Program Files\Spyware Doctor
2008-03-27 20:28 . 2008-03-27 20:28 <REP> d-------- C:\Documents and Settings\loulou\Application Data\PC Tools
2008-03-27 20:28 . 2007-12-10 14:53 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2008-03-27 20:28 . 2007-12-10 14:53 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2008-03-27 20:28 . 2008-02-01 12:55 42,376 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2008-03-27 20:28 . 2007-12-10 14:53 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2008-03-27 15:50 . 2008-03-27 15:50 <REP> d-------- C:\Program Files\Lavasoft
2008-03-27 15:50 . 2008-03-27 15:50 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-03-26 12:12 . 2008-03-26 12:12 <REP> d-------- C:\Program Files\PC-Cleaner
2008-03-25 11:35 . 2008-03-25 11:35 4,096 --a------ C:\Documents and Settings\loulou\BureauFWebdEditor.exe
2008-03-25 11:35 . 2008-03-25 11:35 4,096 --a------ C:\Documents and Settings\loulou\Bureaufwebd.exe
2008-03-25 11:35 . 2008-03-25 11:35 4,096 --a------ C:\Documents and Settings\loulou\Bureaufkwp2.0.exe
2008-03-25 11:35 . 2008-03-25 11:35 4,096 --a------ C:\Documents and Settings\loulou\Bureaufkwp1.5.exe
2008-03-25 11:35 . 2008-03-25 11:35 4,096 --a------ C:\Documents and Settings\loulou\Bureaufilemanagerclient.exe
2008-03-25 11:35 . 2008-03-25 11:35 4,096 --a------ C:\Documents and Settings\loulou\BureauEditorFKWP2.0.exe
2008-03-25 11:35 . 2008-03-25 11:35 4,096 --a------ C:\Documents and Settings\loulou\BureauEditorFKWP1.5.exe
2008-03-19 12:07 . 2008-03-28 15:04 <REP> d-------- C:\Program Files\a-squared Free
2008-03-18 18:40 . 2008-03-18 18:40 268 --ah----- C:\sqmdata01.sqm
2008-03-18 18:40 . 2008-03-18 18:40 244 --ah----- C:\sqmnoopt01.sqm
2008-03-17 20:51 . 2008-03-17 20:51 <REP> d-------- C:\Program Files\Sony Ericsson
2008-03-17 20:19 . 2008-03-17 20:19 <REP> d-------- C:\WINDOWS\Downloaded Installations
2008-03-17 20:18 . 2008-03-17 20:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Teleca
2008-03-17 20:18 . 2008-03-17 20:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2008-03-17 14:02 . 2007-04-03 13:59 23,176 -ra------ C:\WINDOWS\system32\drivers\s616nd5.sys
2008-03-17 14:01 . 2007-04-03 13:59 100,360 -ra------ C:\WINDOWS\system32\drivers\s616mgmt.sys
2008-03-17 14:01 . 2007-04-03 13:59 99,080 -ra------ C:\WINDOWS\system32\drivers\s616unic.sys
2008-03-17 14:01 . 2007-04-03 13:59 11,016 -ra------ C:\WINDOWS\system32\drivers\s616cr.sys
2008-03-17 14:00 . 2007-04-03 13:59 108,680 -ra------ C:\WINDOWS\system32\drivers\s616mdm.sys
2008-03-17 14:00 . 2007-04-03 13:59 98,568 -ra------ C:\WINDOWS\system32\drivers\s616obex.sys
2008-03-17 14:00 . 2007-04-03 13:59 83,208 -ra------ C:\WINDOWS\system32\drivers\s616bus.sys
2008-03-17 14:00 . 2007-04-03 13:59 15,112 -ra------ C:\WINDOWS\system32\drivers\s616mdfl.sys
2008-03-17 14:00 . 2007-04-03 13:59 12,424 -ra------ C:\WINDOWS\system32\drivers\s616whnt.sys
2008-03-17 14:00 . 2007-04-03 13:59 12,424 -ra------ C:\WINDOWS\system32\drivers\s616wh.sys
2008-03-17 14:00 . 2007-04-03 13:59 12,424 -ra------ C:\WINDOWS\system32\drivers\s616cmnt.sys
2008-03-17 14:00 . 2007-04-03 13:59 12,424 -ra------ C:\WINDOWS\system32\drivers\s616cm.sys
2008-03-17 13:59 . 2008-03-17 13:59 <REP> d-------- C:\Documents and Settings\loulou\Application Data\Teleca
2008-03-17 13:49 . 2008-03-17 14:21 <REP> d-------- C:\Program Files\Fichiers communs\Teleca Shared
2008-03-17 13:49 . 2008-03-17 13:49 <REP> d-------- C:\Documents and Settings\loulou\Application Data\Sony Ericsson
2008-03-15 18:43 . 2008-03-15 18:44 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-03-14 13:28 . 2008-03-14 13:28 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-03-14 13:27 . 2008-03-14 14:25 <REP> d-------- C:\WINDOWS\system32\ZoneLabs
2008-03-14 13:27 . 2004-04-27 04:40 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
2008-03-14 13:27 . 2008-03-14 13:30 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-03-14 13:25 . 2008-03-14 14:25 <REP> d-------- C:\WINDOWS\Internet Logs
2008-03-08 11:13 . 2008-03-08 11:13 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-03-08 11:05 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-03-08 11:05 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-03-08 11:05 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-03-08 00:04 . 2008-03-18 20:35 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-03-08 00:04 . 2008-03-18 20:44 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-29 21:24 . 2008-03-27 21:31 <REP> d-------- C:\Documents and Settings\loulou\Application Data\OpenOffice.org2
2008-02-29 21:18 . 2008-03-27 21:35 <REP> d-------- C:\Program Files\OpenOffice.org 2.3

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-28 18:45 --------- d-----w C:\Program Files\Wanadoo
2008-03-28 17:15 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-28 13:34 --------- d-----w C:\Program Files\MSN Messenger
2008-03-28 13:34 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-03-28 12:45 --------- d-----w C:\Program Files\eMule
2008-03-25 18:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-18 19:44 --------- d-----w C:\Program Files\Windows Live
2008-03-18 18:11 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-07 12:53 --------- d-----w C:\Documents and Settings\loulou\Application Data\LimeWire
2008-03-06 16:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\VadeRetro
2008-02-14 11:19 --------- d-----w C:\Documents and Settings\loulou\Application Data\Vso
2008-02-13 18:48 --------- d-----w C:\Program Files\VSO
2008-02-08 17:38 --------- d-----w C:\Program Files\AviSynth 2.5
2008-02-08 12:27 --------- d-----w C:\Program Files\WinAVI MP4 Converter
2008-02-07 17:42 --------- d-----w C:\Documents and Settings\loulou\Application Data\Any Video Converter Professional
2008-02-07 17:41 --------- d-----w C:\Program Files\PSPWare
2008-02-07 17:24 --------- d-----w C:\Documents and Settings\loulou\Application Data\Nullriver
2007-07-23 09:02 0 --sha-w C:\WINDOWS\SMINST\HPCD.sys
.

((((((((((((((((((((((((((((( snapshot@2008-03-28_18.57.34,73 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-03-28 18:44:12 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_554.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50 122880]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 18:03 152872]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-24 13:00 15360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 20:34 64512]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 18:12 90112]
"RTHDCPL"="RTHDCPL.EXE" [2006-08-24 03:08 16050688 C:\WINDOWS\RTHDCPL.exe]
"DetectorApp"="C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 13:15 102400]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 23:50 221184]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 23:50 81920]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49 20480]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55 32768]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2006-11-11 16:38 26112]
"Vaderetro Outlook"="C:\PROGRA~1\GOTOSO~1\VADERE~1\VrMoRegister.exe" [2006-07-22 10:59 44544]
"Vade Retro Outlook Express"="C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" [2006-02-16 15:46 295936]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-11-11 16:38 98304]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 01:41 49152]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 03:21:22 288472]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe"=
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe"=
"C:\\Program Files\\AOL 9.0\\waol.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\eMule\\eMule.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4160:TCP"= 4160:TCP:emule tcp
"4161:UDP"= 4161:UDP:emule udp

R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2006-03-24 13:00]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 21:58]
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\Z]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-28 19:50:56
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-03-28 19:51:21
ComboFix-quarantined-files.txt 2008-03-28 18:51:18
ComboFix2.txt 2008-03-28 18:31:15
ComboFix3.txt 2008-03-28 18:02:41
ComboFix4.txt 2008-03-28 17:57:44
Pre-Run: 84,399,288,320 octets libres
Post-Run: 84,387,373,056 octets libres
.
2008-03-12 10:15:59 --- E O F ---
0
Réponse 23 / 54
loustick
 
et voila l'autre:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:54:48, on 28/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [DetectorApp] "C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Vaderetro Outlook] "C:\PROGRA~1\GOTOSO~1\VADERE~1\VrMoRegister.exe -s"
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [WOOKIT] "C:\PROGRA~1\Wanadoo\Shell.exe" appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{267B118B-C8C3-48F8-AEC1-5C3B5742FFBE}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{267B118B-C8C3-48F8-AEC1-5C3B5742FFBE}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
0
Réponse 24 / 54
Utilisateur anonyme
 
Re ,

→ Relance hijackthis , en menu principal choisis ' Do a system scan ' Et fixe ces/cette ligne(s) : ( coche la case à leurs gauches > ' fixchecked ')

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)

**************************************
Ta version d'Adobe n'est pas à jour , désinstalle ta version actuelle en passant par ' ajout et supréssion de programmes '

Puis télécharge la dernière , via ce site --> https://get2.adobe.com/reader/otherversions/

Bulletin de sécurité sur les versions Adobe 7.0.8 et antérieures :

https://www.adobe.com/support/security/bulletins/apsb07-01.html

https://get2.adobe.com/reader/otherversions/

******************************

Service: Ares Chatroom server (AresChatServer)
Service: Planificateur LiveUpdate automatique

arrête ces 2 services ,

Démarrer > executer > ' services.msc ' ,

- Clic droit sur les services cités
- propriétés
- et dans "type de démarrage" et mets le sur « désactivé ».
- Ensuite si le "Status du service" est sur "Démarré" faire : « arrêté »

Tutorial : https://www.zebulon.fr/dossiers/windows/31-services.html

********************************

Délaisse Avast au profit d'Antivir , contrairement à ce que tout le monde pense , Avast n'est pas aussi bien que l'on pourrais le croire regarde le classement des AV
et constate par toi même → Avast vs Antivir

Vire Avast → Désinstalle Avast 'proprement' ( merci espion3004)

Et télécharge Antivir ( PersonnalEdition Classic) → ici

Tuto Installation + configuration Antivir → https://www.malekal.com/avira-free-security-antivirus-gratuit/

Tuto Installation : → https://www.astucesinternet.com/modules/news/article.php?storyid=253

Pour le rendre encore plus discret....

*************************

Télécharge le pare-feu ZoneAlarm Lit bien tout l'article pour éviter les surprises.

Des soucis avec ?

*******************

→ Télécharge CleanUp452 ( Primary download site ... )

→ Lance-le et choisi l'option ' cleanup! '

Poste le rapport.

Tutorial: http://pageperso.aol.fr/balltrap34/democleanup.htm ( merci à balltrap34 )

*************

Télécharge clean : http://www.malekal.com/download/clean.zip

→ Dézippe-le ( clique droit , extraire tout)

→ Lance clean.cmd ( ou clean ), Choisi l'option 1 et poste moi le rapport.

(- Où est le rapport clean ? : « Poste de travail » / double clic sur disque « C / » double-clic sur « rapport_clean.txt » et « copier/coller le contenu » sur le forum. )

Note : Tu auras peut-être un message qui t'invitera a uploader un fichier , fait-le dès que tu pourras.

*********

2 rapports , cleanup & clean.

A+
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 54
loustick
 
voici le rapport de cleanup:

CleanUp! started on 03/28/08 21:07:01.
...
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\mag-18[1].jpg - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\mag-20[1].jpg - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\mag-3[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\maison-098[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\maison080[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\mapiconpoi2[1].png - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\marieRightShadow[1].png - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\MC_DC_TMPL_trans-0.3-1[1].js - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\mc_promo[1].htm - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\md_1155198105[1].jpg - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\md_1158849982[1].jpg - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\md_1158850081[1].jpg - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\md_1158941174[1].jpg - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\md_1162462932[1].jpg - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\md_1162467614[1].jpg - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\medium[1].css - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\membre[1].png - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\menuLeftCorner.hme[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\menuRightCornerON.hme[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\mini_south[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\mini_west[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\MonCarnet2_on[1].png - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\montargis[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\more_ad_units[1].js - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\MsgrConfig[1].xml - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\mymsn[1].htm - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\nav-0[1].jpg - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\nav-1[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\navcancl[1] - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\needhelph[1].jpg - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\newFDRLabels_fra.1.1[1].js - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\newnote-vide[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\newpicto_tab-6[1].png - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\news[1].rss - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\news_google_fr[1].xml - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\new_rubrique[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\nld[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\notifier13_en[1].htm - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\NV1HCA47DMV1CAR5PCM9CA7L2BYOCAX1UWTNCAQ0NUXWCANGHRY8CAAGZSVPCALQQN4FCAPTLQKICADKKFPNCAQ28U15CAH19TWXCAA9DVRLCAKYPG7RCAN9R6LNCABHAEV0CA7MGBIRCAOX01QMCA6TPGPR.gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\ok_bloc_recherV2[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\onglet_AF_off[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\onglet_avis_off[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\onglet_avis_on[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\onglet_clubic_on[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\onglet_menu_on_gauche[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\oriz_dots[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\o[1].js - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\P1RKCAR9MMJHCASYAZR1CAX5SY4XCAIFP9YOCALRTJGMCAMXPHM2CAI4KV1MCAZ4SLZ5CA5TQCS8CAFQ2NGKCAGZI5ZDCA8TNO4JCARQNNR6CAE1JYUHCAGZ85VHCAGDG43YCAEEXD1NCAAB7I3LCAOK9NE5.gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\pavillon-bain-contact[1].jpg - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\pavillon-bain-partenaire2[1].jpg - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\PCPro2[1].png - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\phpmyvisites[1].js - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\picto_aList[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\picto_bList[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\picto_draft[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\picto_manage_off[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\picto_shopping_20071112[1].png - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\pic_01[1].png - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\pic_rss[1].png - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\pixel7[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\pixel[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\pol[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\printButton[1].png - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\print[1].css - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\print[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\produkty[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\programfinder[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\progress2[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\promos[1].js - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\puce[1].jpg - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\question[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\quote_1[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\QY6RCAI0W48ICAQ7XAJKCAHY8M3TCAHSYUIJCALSLXV9CAJ2GKRQCA18Z5X2CA1XD1H0CANSNF1PCA1UTIYYCASKLAMMCAOLF8FACA6SDQN2CAPSE1WDCADJO1V0CAD86R2FCA30TPSGCAA8GL1ACAL41YQW.gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\radio[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\readstep2_core_onestep[1].js - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\reagir_miniban[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\realisations-bleue+jaune[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\redball.global.framework[1].js - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\right_title_bkg2[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\rouge[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\screen[1].css - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\search[2].htm - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\search[3].htm - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\search_box[1].png - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\search_gray[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\search_l[1].jpg - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\shadow_man_en[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\shadow_man_en[1].jpg - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\shim[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\show0[1].asp - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\silverswimmer[1].jpg - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\site_logo[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\soustitre_centre[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\spacer[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\spodlista[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\sprite_pictos[1].png - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\sprite_stats[1].png - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\SP[1].js - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\st-etienne[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\style[1].css - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\style[2].css - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\subscribe_big[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\swfobject.addon[1].js - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\Tabicon[1].png - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\tableft[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\tab_off_l[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\texture-gres-droit[1].jpg - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\tiledMap.6.3[1].js - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\tirelire300x250[1].swf - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\tirelire300x250[2].swf - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\tirelire300x250[3].swf - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\tirelire300x250[4].swf - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\titre1_gauche[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\topMenu[1].js - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\top_m_02[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\track[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\track[2].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\TWC9CAVKZYPECA3CCJLKCAVARXSYCAQ6IC1ICA0NGBG6CAEH4PP7CA2L7C81CA27CR6YCALQFBFECAQCQCODCAKIXALVCAV9NH2ACAZ2R2L4CAVNR8EWCAWR66N9CAA6834YCAQG52YWCAGESFEHCAN2TXFZ.gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\V25GCAK2L24FCA1LBZJJCA3FQWKSCAPR7X52CA8ZRHURCA2VQTFMCA7CZGR8CAK2LXDMCASB1D3ECALOTHS6CALE8CS2CA3GX513CAFKXYUICAVAPAX3CA1XHNIDCAB2THLLCA51KC8ZCADTQW8TCA5X0ZWN.gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\verysmallBib[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\views[1] - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\viry[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\vis;sz=1x1;ord=3612785391167206[1].5 - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\vis;sz=1x1;ord=4985137775035741[1] - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\vis;sz=1x1;ord=9402272278001538[1] - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\VMO7CAOFSFT4CAL0QTVBCADDB37RCABLJ24WCAFRCS2XCA9T0B3WCAFBWM4GCAKI7F2XCAV0YBZPCABMG6JTCAVB17GOCAHF28P4CA21OL3PCAVP93V5CAP4MW53CAG27LKACA1VRK1CCAQ0A0X1CAJFYOM1.htm - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\VO4ZCADFQA9CCA1APJVVCAN8DO1KCAGGV7TMCASBMMS0CA0O5N7KCAGQ0T13CACXHRCPCASUDJYOCA0M3U8LCA6EX324CAVGKBC0CA95QEW9CA88IWIMCA8YPE6XCAD8ALAKCAR0TDMBCAEEX1SUCAFVAE9Z.htm - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\voir_profil_mini[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\VT73CAXFFJ7BCAII319JCAUCZSFNCAVBSPL5CA914RRRCA3SBW8MCAHX6K6NCAY6VQ9PCA4QDDWPCARMNP6CCA4S207FCA0N0FUBCACUWWIZCADWG3PDCAM3SEAFCASSMYF4CA1COWTSCA7UB69UCAGNAFH3.htm - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\vt_promo[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\walledgarden[1].htm - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\web_15[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\web_20[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\wg[1].js - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\wrkON[1].jpg - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\WV77CA9D0NVLCA15Z02RCADW52EACAA38BWQCAJ85Q9FCAMC3Q7GCAA25T7SCABY990LCA8HRLEZCAYCEHXACAQERZ27CAQELG4QCAQ4DRMTCAUXKO2RCAGUCS44CA8I6MBSCAR6XFA3CA7DS3M0CA8PMOVM.htm - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\xiti[1].js - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\ZN7ECAKEJSJVCA3J8TDXCAJIQ6BTCA0F6SFQCAFEZ0R2CA0YTR7ACABH61DCCA4FCP0NCAQSRULWCAZBV28ICAGSIAQECALP6MA0CA36WB29CAW27AP5CAJZNE87CAZEY3KFCAO72XYICAXVHV7UCAV9E84O.gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\zoomInShadow[1].png - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\ZZVBCAEJ3XUKCA274WB2CA7PPZRJCA4YM0MXCASCS858CAJY14I0CARIBERJCAZX3ULZCAAZN79GCAUBP3QRCAF8H8MACAUAWL5PCA2IGUXSCAQT41OXCAQGR0L6CAMX4UD5CAOK6KFVCAV04TZRCAIYIGN8.gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\z[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\_games_onthispage[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\_m_bkg2[1].jpg - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\_m_handheld[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\_m_mobile2[1].gif - deleted
C:\Documents and Settings\loulou\Local Settings\Temporary Internet Files\Content.IE5\YWNQSVEN\__mini_augment[1].gif - deleted
C:\Documents and Settings\LocalService\Cookies\index.dat - deleted
C:\Documents and Settings\LocalService\locals~1\tempor~1\Content.IE5\index.dat - deleted
C:\Documents and Settings\LocalService\Cookies\index.dat - deleted
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat - deleted
C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat - deleted
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat - deleted
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat - deleted
C:\Documents and Settings\Default User\Cookies\index.dat - deleted
C:\Documents and Settings\Default User\locals~1\tempor~1\Content.IE5\index.dat - deleted
C:\Documents and Settings\Default User\Cookies\index.dat - deleted
C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\index.dat - deleted
C:\Documents and Settings\Administrateur\Cookies\index.dat - deleted
C:\Documents and Settings\Administrateur\Cookies\index.dat - deleted
C:\WINDOWS\Prefetch\25A5C8BC.EXE-11F1651E.pf - deleted
C:\WINDOWS\Prefetch\28EXHMUNML201.EXE-0EF7F301.pf - deleted
C:\WINDOWS\Prefetch\34EXHMUNML201.EXE-386ED5AA.pf - deleted
C:\WINDOWS\Prefetch\47EXHMUNML201.EXE-0E5E7DAB.pf - deleted
C:\WINDOWS\Prefetch\67EXHMUNML201.EXE-22962F95.pf - deleted
C:\WINDOWS\Prefetch\A2FREE.EXE-34CE1BFD.pf - deleted
C:\WINDOWS\Prefetch\A2SERVICE.EXE-084E756C.pf - deleted
C:\WINDOWS\Prefetch\AAWLIC.EXE-38331DC6.pf - deleted
C:\WINDOWS\Prefetch\AAWSERVICE.EXE-0C93BFFC.pf - deleted
C:\WINDOWS\Prefetch\ACRORD32.EXE-13285B88.pf - deleted
C:\WINDOWS\Prefetch\AD-AWARE2007.EXE-0CF9A7E5.pf - deleted
C:\WINDOWS\Prefetch\ADOBEUPDATEMANAGER.EXE-32021652.pf - deleted
C:\WINDOWS\Prefetch\AGENT.EXE-06FC5CDE.pf - deleted
C:\WINDOWS\Prefetch\ALCMTR.EXE-235F9538.pf - deleted
C:\WINDOWS\Prefetch\ALERTM~1.EXE-1C0AE839.pf - deleted
C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf - deleted
C:\WINDOWS\Prefetch\AOLACSD.EXE-36E1D966.pf - deleted
C:\WINDOWS\Prefetch\ASHAVAST.EXE-12F63458.pf - deleted
C:\WINDOWS\Prefetch\ASHMAISV.EXE-12E27032.pf - deleted
C:\WINDOWS\Prefetch\ASHQUICK.EXE-13F2975D.pf - deleted
C:\WINDOWS\Prefetch\ASHSIMPL.EXE-14F851AB.pf - deleted
C:\WINDOWS\Prefetch\ASHWEBSV.EXE-0548EF0A.pf - deleted
C:\WINDOWS\Prefetch\AVAST.SETUP-032170A8.pf - deleted
C:\WINDOWS\Prefetch\BOHSDYZS.EXE-366E0FFE.pf - deleted
C:\WINDOWS\Prefetch\CLI.EXE-20D5A08B.pf - deleted
C:\WINDOWS\Prefetch\CLISTART.EXE-23431A6E.pf - deleted
C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf - deleted
C:\WINDOWS\Prefetch\COMBOFIX.EXE-2DA14954.pf - deleted
C:\WINDOWS\Prefetch\COMCOMP.EXE-01668373.pf - deleted
C:\WINDOWS\Prefetch\COMCOMP.EXE-063CBADA.pf - deleted
C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf - deleted
C:\WINDOWS\Prefetch\CTYVKZCZ.EXE-2639FF14.pf - deleted
C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf - deleted
C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf - deleted
C:\WINDOWS\Prefetch\DLLHOST.EXE-5353C76C.pf - deleted
C:\WINDOWS\Prefetch\DOPEDUFS.EXE-01CEEE68.pf - deleted
C:\WINDOWS\Prefetch\DOWNLOADMANAGER.EXE-2D71A420.pf - deleted
C:\WINDOWS\Prefetch\DRVCTL.EXE-025D615A.pf - deleted
C:\WINDOWS\Prefetch\DRWTSN32.EXE-2B4B52AC.pf - deleted
C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf - deleted
C:\WINDOWS\Prefetch\DW20.EXE-0F7C73AD.pf - deleted
C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf - deleted
C:\WINDOWS\Prefetch\EHMSAS.EXE-181DA6C9.pf - deleted
C:\WINDOWS\Prefetch\EHREC.EXE-3B4F59C8.pf - deleted
C:\WINDOWS\Prefetch\EHRECVR.EXE-20796750.pf - deleted
C:\WINDOWS\Prefetch\EHSCHED.EXE-1E5750BC.pf - deleted
C:\WINDOWS\Prefetch\EHTRAY.EXE-02EFC9BD.pf - deleted
C:\WINDOWS\Prefetch\EMULE.EXE-2A971BEB.pf - deleted
C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf - deleted
C:\WINDOWS\Prefetch\E_FATIBEE.EXE-2F71ACB7.pf - deleted
C:\WINDOWS\Prefetch\FTRTSVC.EXE-2F155501.pf - deleted
C:\WINDOWS\Prefetch\FXSSVC.EXE-3B8F7819.pf - deleted
C:\WINDOWS\Prefetch\GESTIONNAIREINTERNET.EXE-0D9C1BD4.pf - deleted
C:\WINDOWS\Prefetch\GESTIONNAIREINTERNET.EXE-246342AC.pf - deleted
C:\WINDOWS\Prefetch\GESTMAJ.EXE-26927B6B.pf - deleted
C:\WINDOWS\Prefetch\GESTMAJ.EXE-2B68B2D2.pf - deleted
C:\WINDOWS\Prefetch\HPQSTE08.EXE-18A7280B.pf - deleted
C:\WINDOWS\Prefetch\HPQTRA08.EXE-17E37E7E.pf - deleted
C:\WINDOWS\Prefetch\HPRBLOG.EXE-16B72A6F.pf - deleted
C:\WINDOWS\Prefetch\HPRBUPDATE.EXE-342FA7BD.pf - deleted
C:\WINDOWS\Prefetch\HPWUCLI.EXE-2587F620.pf - deleted
C:\WINDOWS\Prefetch\HPWUSCHD2.EXE-02F6D2DD.pf - deleted
C:\WINDOWS\Prefetch\HPZIPM12.EXE-145E7369.pf - deleted
C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf - deleted
C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf - deleted
C:\WINDOWS\Prefetch\INACTIVITY.EXE-054B684A.pf - deleted
C:\WINDOWS\Prefetch\ISUSPM.EXE-105CAF46.pf - deleted
C:\WINDOWS\Prefetch\JUSCHED.EXE-287286E1.pf - deleted
C:\WINDOWS\Prefetch\LAVASOFT_ADAWARE2007_FR.EXE-06C38292.pf - deleted
C:\WINDOWS\Prefetch\Layout.ini - deleted
C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf - deleted
C:\WINDOWS\Prefetch\LSUPDATEMANAGER.EXE-216EB0B6.pf - deleted
C:\WINDOWS\Prefetch\MBGRCJAX.EXE-37DECF3A.pf - deleted
C:\WINDOWS\Prefetch\MCRDSVC.EXE-0560ADD0.pf - deleted
C:\WINDOWS\Prefetch\MMC.EXE-1EF9AA05.pf - deleted
C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf - deleted
C:\WINDOWS\Prefetch\MSIMN.EXE-38BA891D.pf - deleted
C:\WINDOWS\Prefetch\MSNMSGR.EXE-030AB647.pf - deleted
C:\WINDOWS\Prefetch\NEROCHECK.EXE-35AE1DFB.pf - deleted
C:\WINDOWS\Prefetch\NET.EXE-171DB0D9.pf - deleted
C:\WINDOWS\Prefetch\NETPRO.EXE-020CC3BA.pf - deleted
C:\WINDOWS\Prefetch\NMBGMONITOR.EXE-241A04E8.pf - deleted
C:\WINDOWS\Prefetch\NMINDEXINGSERVICE.EXE-01E84916.pf - deleted
C:\WINDOWS\Prefetch\NMINDEXSTORESVR.EXE-22A7DEEF.pf - deleted
C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf - deleted
C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf - deleted
C:\WINDOWS\Prefetch\OVSZEZCP.EXE-0DF44EF3.pf - deleted
C:\WINDOWS\Prefetch\PCTSAUXS.EXE-1E8D77A6.pf - deleted
C:\WINDOWS\Prefetch\PCTSGUI.EXE-281B8AB7.pf - deleted
C:\WINDOWS\Prefetch\PCTSSVC.EXE-3A239962.pf - deleted
C:\WINDOWS\Prefetch\PCTSTRAY.EXE-29391146.pf - deleted
C:\WINDOWS\Prefetch\POLLINGMODULE.EXE-2C738EAB.pf - deleted
C:\WINDOWS\Prefetch\QTTASK.EXE-342507FB.pf - deleted
C:\WINDOWS\Prefetch\QUICKSTART.EXE-2DF9B9E8.pf - deleted
C:\WINDOWS\Prefetch\RBSOLNUPDATE.EXE-1DD37A4C.pf - deleted
C:\WINDOWS\Prefetch\RBSOLNUPDATEFRA.2.6.5.EXE-3675EC30.pf - deleted
C:\WINDOWS\Prefetch\READER_SL.EXE-3614FA6E.pf - deleted
C:\WINDOWS\Prefetch\RTHDCPL.EXE-06918CFA.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-147710F4.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-1687FC74.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-4489B61B.pf - deleted
C:\WINDOWS\Prefetch\SDLOADER.EXE-21FADC9B.pf - deleted
C:\WINDOWS\Prefetch\SETUP_FDDF.EXE-3B237B8B.pf - deleted
C:\WINDOWS\Prefetch\SHELL.EXE-3189A993.pf - deleted
C:\WINDOWS\Prefetch\SHOWTIME.EXE-058E333F.pf - deleted
C:\WINDOWS\Prefetch\SNDVOL32.EXE-383480B7.pf - deleted
C:\WINDOWS\Prefetch\SOFFICE.BIN-2219018C.pf - deleted
C:\WINDOWS\Prefetch\SOFFICE.EXE-1A296C65.pf - deleted
C:\WINDOWS\Prefetch\SPOOLSV.EXE-282F76A7.pf - deleted
C:\WINDOWS\Prefetch\SPY DOCTOR.EXE-0CB7C037.pf - deleted
C:\WINDOWS\Prefetch\SPY DOCTOR.TMP-1DA272D3.pf - deleted
C:\WINDOWS\Prefetch\SPYBOTSD.EXE-1344276B.pf - deleted
C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf - deleted
C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf - deleted
C:\WINDOWS\Prefetch\TOASTER.EXE-1CBF7015.pf - deleted
C:\WINDOWS\Prefetch\UPDATE.EXE-1A7E7F45.pf - deleted
C:\WINDOWS\Prefetch\USBDEVICESERVICE.EXE-1ED8C132.pf - deleted
C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf - deleted
C:\WINDOWS\Prefetch\USNSVC.EXE-2DF2835C.pf - deleted
C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf - deleted
C:\WINDOWS\Prefetch\WATCH.EXE-0DACDE18.pf - deleted
C:\WINDOWS\Prefetch\WATCH.EXE-31EDBDF6.pf - deleted
C:\WINDOWS\Prefetch\WGATRAY.EXE-0ED38BED.pf - deleted
C:\WINDOWS\Prefetch\WLLOGINPROXY.EXE-2D4B6027.pf - deleted
C:\WINDOWS\Prefetch\WMIAPSRV.EXE-1E2270A5.pf - deleted
C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf - deleted
C:\WINDOWS\Prefetch\WOOBROWSER.EXE-2D710CF8.pf - deleted
C:\WINDOWS\Prefetch\WPGLDFSH.SCR-0B370EE2.pf - deleted
C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf - deleted
C:\WINDOWS\Prefetch\ZKJQNEZG.EXE-2DBE16C9.pf - deleted
C:\temp\debug.txt - deleted
C:\temp\DVD - deleted
'Run MRU' list - removed from the registry.
'Doc Find Spec MRU' list - removed from the registry.
'FindComputerMRU' list - removed from the registry.
'ComputerNameMRU' list - removed from the registry.
'ContainingTextMRU' list - removed from the registry.
'FilesNamedMRU' list - removed from the registry.
Search Assistant MRU list - removed from the registry.
Explorer Open/Save MRU list - removed from the registry.
Explorer Last Visited MRU list - removed from the registry.
Paint Recent File List - removed from the registry.
WordPad Recent File List - removed from the registry.
Telnet's MRU list - removed from the registry.
Windows Media Player Recent File List - removed from the registry.
WinZip Extract MRU list - removed from the registry.
WinZip File MRU list - removed from the registry.
CleanUp! 4.5.2 recovered 581.4 MB of disk space from 19080 files.
CleanUp! finished on 03/28/08 21:08:05.
0
Réponse 26 / 54
Utilisateur anonyme
 
Re ,très bien le rapport Clean maintenant.

a+
0
Réponse 27 / 54
loustick
 
voici pour clean:

28/03/2008 a 21:14:14,56

*** Recherche des fichiers dans C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32

*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\BitDownload" FOUND
"C:\Program Files\Multi_Media_France\" FOUND
"C:\Program Files\Viewpoint\" FOUND
0
Réponse 28 / 54
Utilisateur anonyme
 
Re ,

→ Redémarre en MSE

Autre tutorials pour MSE:

https://www.micro-astuce.com/depannage/demarrer-mode-sans-echec.php
http://www.coupdepoucepc.com/modules/news/article.php?storyid=253

→ Re-lance clean -> Choisis l'option 2

---Clean va travailler.---

→ Un rapport Va etre généré , poste le moi ;)

( Le rapport est aussi sauvegardé dans C:\Rapport_clean.txt )

A+
0
Réponse 29 / 54
loustick
 
voila:

Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 28/03/2008 a 21:31:48,01

Microsoft Windows XP [version 5.1.2600]

*** Suppression des fichiers dans C:

*** Suppression des fichiers dans C:\WINDOWS\

*** Suppression des fichiers dans C:\WINDOWS\system32

*** Suppression des fichiers dans C:\Program Files
tentative de suppression de "C:\Program Files\BitDownload"
tentative de suppression de "C:\Program Files\Multi_Media_France\"
tentative de suppression de "C:\Program Files\Viewpoint\"

*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
0
Réponse 30 / 54
Utilisateur anonyme
 
Re ,

→ Ferme toutes les applications en cours, puis télécharge ToolsCleaner2 sur ton Bureau.

→ Double clique sur ToolsCleaner2.exe >
→ Clique sur .Recherche
→ puis sur Suppression quand la liste est trouvée.
→ Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

Note : ton bureau RISQUE de disparaître, c'est normal. S'il n'apparaît pas à la fin du scan, fais la manip suivante :

CTRL+ALT+SUPP pour ouvrir le Gestionnaire des tâches.
Puis rends toi à l'onglet "Processus". Clique en haut à gauche sur Fichiers et choisis "Exécuter"

Tape explorer.exe et valide. Cela fera re-apparaître le Bureau

Tuto : http://www.commentcamarche.net/faq/sujet 8341 toolscleaner suppression des fix de force brute ( merci espion3004 )

************************************

Maintenant que ton PC n'est plus infecté, désactive ta "Restauration du système" puis réactive la, ce qui créer un point de restauration sain...

Désactivation :
Clique droit sur le "Poste de travail" > Propriétés > onglet "Restauration du système" > coche la case "Désactiver la Restauration du système sur tous les lecteurs"
> Applique patiente jusqu’à ce que cela soit marqué "désactivé" puis Ok.

Activation :
Suivre le même chemin ; décoche la case "Désactiver la Restauration du système sur tous les lecteurs"
> Applique attends que cela soit à nouveau sur "surveillance" puis Ok. Redémarre l'ordinateur.

************************

A+
0
Réponse 31 / 54
loustick
 
j'ais tout fait mais je ne trouve pas le rapport.
0
Réponse 32 / 54
Utilisateur anonyme
 
Poste de travail > C:\ > TCLEANER.txt

?
0
Réponse 33 / 54
loustick
 
je vais dormir un peu je boss demain.
je ne suis pas la du week end on reprendra ça lundi si ça ne te derrange pas,je ferais un scan complet et je te posterais ça pour savoir si c'est pas trop mauvais.
et j'aurais encore une petite question(juste pour information).
et encore un grand MERCI a toi pour ton aide!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
bonne nuit.
0
Réponse 34 / 54
loustick
 
c'est ce que j'ai fais mais il n'y est pas.
0
Réponse 35 / 54
Utilisateur anonyme
 
Re , oki pas grave on finira demain =)

++
0
Réponse 36 / 54
loustick
 
lundi si ça ne derrange pas comme je tes dit au post 33 je ne suis pas la du week end.
bonne nuit.
et je ne te dirais jamais assez MERCI.
0
Réponse 37 / 54
Utilisateur anonyme
 
Ah ok j'avais pas vu ^^'

Lundi donc ( il reste plus grand chose à faire )

Pi de rien =)
Bonne nuit

A lundi
0
Réponse 38 / 54
loustick
 
bonjour cyrildu17,
je suis de retour j'attend tes instructions.
0
Réponse 39 / 54
Utilisateur anonyme
 
Re !

Supprime Toolscleaner.

encore des soucis ?
0
Réponse 40 / 54
loustick
 
j'ais supprimé Toolscleaner.
cet apres midi il c'est recoupé avec un ecran tout bleu et des truc ecrit en blanc comme quoi windows a prefferé fermer...etc
0