Problèmes avec l'ordi, virus?
Résolu/Fermé
lilangel
Messages postés
21
Date d'inscription
mardi 15 avril 2008
Statut
Membre
Dernière intervention
25 mai 2008
-
15 avril 2008 à 20:37
lilangel - 20 mai 2008 à 19:36
lilangel - 20 mai 2008 à 19:36
A voir également:
- Problèmes avec l'ordi, virus?
- Mon ordi rame que faire - Guide
- Comment reinitialiser un ordi - Guide
- Ordi scrabble - Télécharger - Jeux vidéo
- Youtu.be virus - Accueil - Guide virus
- Ordi ecran noir - Guide
79 réponses
lilangel
Messages postés
21
Date d'inscription
mardi 15 avril 2008
Statut
Membre
Dernière intervention
25 mai 2008
16 avril 2008 à 23:43
16 avril 2008 à 23:43
D'accord. Merci beaucoup!
++
++
Utilisateur anonyme
16 avril 2008 à 23:45
16 avril 2008 à 23:45
Au cas où , je tiens à préciser que ce n'est pas fini =)
( au fois tout cela fait , j'aimerais un nouveau rapport Hijackthis )
++
( au fois tout cela fait , j'aimerais un nouveau rapport Hijackthis )
++
lilangel
Messages postés
21
Date d'inscription
mardi 15 avril 2008
Statut
Membre
Dernière intervention
25 mai 2008
16 avril 2008 à 23:48
16 avril 2008 à 23:48
lol mon ordi a encore des virus :D Je sais pas comment j'ai fait pour en mettre autant :p
Utilisateur anonyme
16 avril 2008 à 23:50
16 avril 2008 à 23:50
J'ai des choses à faire encore sur ton pc =)
Le rendre un peu plus rapide , vérifier si tout est ok , virer les outils de désinfections ...
Mon rapport HJT stp =P
++
Le rendre un peu plus rapide , vérifier si tout est ok , virer les outils de désinfections ...
Mon rapport HJT stp =P
++
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
lilangel
Messages postés
21
Date d'inscription
mardi 15 avril 2008
Statut
Membre
Dernière intervention
25 mai 2008
17 avril 2008 à 00:02
17 avril 2008 à 00:02
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:02:02, on 17/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Fichiers communs\Virtual Token\vtserver.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
C:\WINDOWS\system32\UStorSrv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ThinkPad\ConnectUtilities\AcMurocHlpr.exe
C:\Program Files\IBM ThinkVantage\Common\Logger\logmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\TpShocks.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HJT.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Mise à jour de logiciels ThinkPad - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mut: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O15 - Trusted Zone: http://a248.e.akamai.net
O15 - Trusted Zone: http://*.bitdefender.com
O15 - Trusted Zone: http://ssl-hints.netflame.cc
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{36480FE8-4CA6-46A8-8C1F-911374E6A7FA}: NameServer = 192.168.1.1,192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{85CF80E0-6F20-4649-BD89-E4D0280D98B8}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{984C6453-2795-4A2A-BAD9-F018B3C31D09}: NameServer = 192.168.3.1,192.168.4.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{36480FE8-4CA6-46A8-8C1F-911374E6A7FA}: NameServer = 192.168.1.1,192.168.2.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{36480FE8-4CA6-46A8-8C1F-911374E6A7FA}: NameServer = 192.168.1.1,192.168.2.1
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service de base IPS (IPSSVC) - Lenovo Ltd. - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe
O23 - Service: TVT Backup Service - Unknown owner - C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Unknown owner - C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
O23 - Service: ThinkVantage System Update (UCLauncherService) - Unknown owner - C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe
O23 - Service: Protector Suite Virtual Token (vtserver) - UPEK Inc. - C:\Program Files\Fichiers communs\Virtual Token\vtserver.exe
Scan saved at 00:02:02, on 17/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Fichiers communs\Virtual Token\vtserver.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
C:\WINDOWS\system32\UStorSrv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ThinkPad\ConnectUtilities\AcMurocHlpr.exe
C:\Program Files\IBM ThinkVantage\Common\Logger\logmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\TpShocks.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HJT.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Mise à jour de logiciels ThinkPad - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mut: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O15 - Trusted Zone: http://a248.e.akamai.net
O15 - Trusted Zone: http://*.bitdefender.com
O15 - Trusted Zone: http://ssl-hints.netflame.cc
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{36480FE8-4CA6-46A8-8C1F-911374E6A7FA}: NameServer = 192.168.1.1,192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{85CF80E0-6F20-4649-BD89-E4D0280D98B8}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{984C6453-2795-4A2A-BAD9-F018B3C31D09}: NameServer = 192.168.3.1,192.168.4.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{36480FE8-4CA6-46A8-8C1F-911374E6A7FA}: NameServer = 192.168.1.1,192.168.2.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{36480FE8-4CA6-46A8-8C1F-911374E6A7FA}: NameServer = 192.168.1.1,192.168.2.1
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service de base IPS (IPSSVC) - Lenovo Ltd. - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe
O23 - Service: TVT Backup Service - Unknown owner - C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Unknown owner - C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
O23 - Service: ThinkVantage System Update (UCLauncherService) - Unknown owner - C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe
O23 - Service: Protector Suite Virtual Token (vtserver) - UPEK Inc. - C:\Program Files\Fichiers communs\Virtual Token\vtserver.exe
Utilisateur anonyme
17 avril 2008 à 00:18
17 avril 2008 à 00:18
Re ,
→ Relance hijackthis , en menu principal choisis ' Do a system scan ' Et fixe ces/cette ligne(s) : ( coche la case à leurs gauches )
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
Ferme toutes les fenêtres (hormis Hijackthis), y compris ton navigateur web.
→ clique sur ' fixchecked '
*******************************
Désinstalle Ad-aware 2007 stp.
Il ne sert à rien. ( pas de protection résidente )
C'est donc un simple scanner peu efficace
Lit ceci :
https://forum.malekal.com/viewtopic.php?f=45&t=8046
****************************
→ Télécharge CleanUp452 ( Primary download site ... )
→ Lance-le et choisi l'option ' cleanup! '
→ Poste le rapport.
Tutorial: http://pageperso.aol.fr/balltrap34/democleanup.htm ( merci à balltrap34 )
***************************
→ Télécharge clean : http://www.malekal.com/download/clean.zip
→ Dézippe-le ( clique droit , extraire tout)
→ Lance clean.cmd ( ou clean ), Choisi l'option 1 et poste moi le rapport.
(- Où est le rapport clean ? : « Poste de travail » / double clic sur disque « C / » double-clic sur « rapport_clean.txt » et « copier/coller le contenu » sur le forum. )
Note : Tu auras peut-être un message qui t'invitera a uploader un fichier , fait-le dès que tu pourras.
Tutorial : http://bibou0007.com/outils-specifiques-f78/tuto-clean-t1007.htm
***********************
A me rendre dans l'ordre ,
Cleanup
Clean
Hijackthis ( nouveau )
Et on finira ;)
++
→ Relance hijackthis , en menu principal choisis ' Do a system scan ' Et fixe ces/cette ligne(s) : ( coche la case à leurs gauches )
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
Ferme toutes les fenêtres (hormis Hijackthis), y compris ton navigateur web.
→ clique sur ' fixchecked '
*******************************
Désinstalle Ad-aware 2007 stp.
Il ne sert à rien. ( pas de protection résidente )
C'est donc un simple scanner peu efficace
Lit ceci :
https://forum.malekal.com/viewtopic.php?f=45&t=8046
****************************
→ Télécharge CleanUp452 ( Primary download site ... )
→ Lance-le et choisi l'option ' cleanup! '
→ Poste le rapport.
Tutorial: http://pageperso.aol.fr/balltrap34/democleanup.htm ( merci à balltrap34 )
***************************
→ Télécharge clean : http://www.malekal.com/download/clean.zip
→ Dézippe-le ( clique droit , extraire tout)
→ Lance clean.cmd ( ou clean ), Choisi l'option 1 et poste moi le rapport.
(- Où est le rapport clean ? : « Poste de travail » / double clic sur disque « C / » double-clic sur « rapport_clean.txt » et « copier/coller le contenu » sur le forum. )
Note : Tu auras peut-être un message qui t'invitera a uploader un fichier , fait-le dès que tu pourras.
Tutorial : http://bibou0007.com/outils-specifiques-f78/tuto-clean-t1007.htm
***********************
A me rendre dans l'ordre ,
Cleanup
Clean
Hijackthis ( nouveau )
Et on finira ;)
++
Clean up:
CleanUp! started on 04/17/08 00:32:29.
C:\Documents and Settings\Mistral\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\Local Settings\Historique\History.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\Local Settings\Historique\History.IE5\MSHist012008041620080417\index.dat currently in use. Will be deleted when Windows is restarted.
'Typed URLs' (Internet Explorer) - removed from the registry.
C:\Documents and Settings\Mistral\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\Application Data\Mozilla\Firefox\Profiles\24ez7jt5.default\history.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\Application Data\Mozilla\Firefox\Profiles\24ez7jt5.default\cookies.txt.old - deleted
C:\DOCUME~1\Mistral\LOCALS~1\Temp\hpodvd09.log currently in use. Will be deleted when Windows is restarted.
C:\DOCUME~1\Mistral\LOCALS~1\Temp\java_install_reg.log - deleted
C:\DOCUME~1\Mistral\LOCALS~1\Temp\jusched.log - deleted
C:\DOCUME~1\Mistral\LOCALS~1\Temp\Perflib_Perfdata_fc0.dat currently in use. Will be deleted when Windows is restarted.
C:\DOCUME~1\Mistral\LOCALS~1\Temp\~DF2957.tmp currently in use. Will be deleted when Windows is restarted.
C:\DOCUME~1\Mistral\LOCALS~1\Temp\hsperfdata_Mistral\ - deleted
C:\DOCUME~1\Mistral\LOCALS~1\Temp\hpodvd09.log currently in use. Will be deleted when Windows is restarted.
C:\DOCUME~1\Mistral\LOCALS~1\Temp\Perflib_Perfdata_fc0.dat currently in use. Will be deleted when Windows is restarted.
C:\DOCUME~1\Mistral\LOCALS~1\Temp\~DF2957.tmp currently in use. Will be deleted when Windows is restarted.
C:\WINDOWS\temp\Perflib_Perfdata_1e4.dat currently in use. Will be deleted when Windows is restarted.
C:\WINDOWS\temp\vtclrg41.tmp currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\NetworkService\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\NetworkService\locals~1\tempor~1\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\NetworkService\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\locals~1\tempor~1\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\Local Settings\Temp\hpodvd09.log currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\Local Settings\Temp\Perflib_Perfdata_fc0.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\Local Settings\Temp\~DF2957.tmp currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\LocalService\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\LocalService\locals~1\tempor~1\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\LocalService\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\WINDOWS\Prefetch\ACMUROCHLPR.EXE-2E667F3A.pf - deleted
C:\WINDOWS\Prefetch\ACRORD32INFO.EXE-013EA364.pf - deleted
C:\WINDOWS\Prefetch\ACSVC.EXE-206ED8CF.pf - deleted
C:\WINDOWS\Prefetch\AD-AWARE2007.EXE-0CF9A7E5.pf - deleted
C:\WINDOWS\Prefetch\AD-WATCH2007.EXE-0622402D.pf - deleted
C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf - deleted
C:\WINDOWS\Prefetch\ATI2EVXX.EXE-19D16EB9.pf - deleted
C:\WINDOWS\Prefetch\AVGAM.EXE-1C82112E.pf - deleted
C:\WINDOWS\Prefetch\AVGAS.EXE-27525987.pf - deleted
C:\WINDOWS\Prefetch\AVGCMGR.EXE-1D29CBA8.pf - deleted
C:\WINDOWS\Prefetch\AVGNSX.EXE-3B2A5A79.pf - deleted
C:\WINDOWS\Prefetch\AVGRSX.EXE-1893543C.pf - deleted
C:\WINDOWS\Prefetch\AVGTRAY.EXE-17920267.pf - deleted
C:\WINDOWS\Prefetch\AVGUI.EXE-388E181A.pf - deleted
C:\WINDOWS\Prefetch\BR_FUNCS.EXE-183E70A5.pf - deleted
C:\WINDOWS\Prefetch\BTSTAC~1.EXE-22A3B15B.pf - deleted
C:\WINDOWS\Prefetch\BTTRAY.EXE-23487190.pf - deleted
C:\WINDOWS\Prefetch\CATCHME.EXE-159DDF12.pf - deleted
C:\WINDOWS\Prefetch\CLIPTEXT.EXE-1606842F.pf - deleted
C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf - deleted
C:\WINDOWS\Prefetch\COMBOFIX.EXE-08D9E4F8.pf - deleted
C:\WINDOWS\Prefetch\CONTROL.EXE-013DBFB5.pf - deleted
C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf - deleted
C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf - deleted
C:\WINDOWS\Prefetch\DFRGNTFS.EXE-1B4CF28D.pf - deleted
C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf - deleted
C:\WINDOWS\Prefetch\DKICON.EXE-205BEF4B.pf - deleted
C:\WINDOWS\Prefetch\DKSERVICE.EXE-2C7F128B.pf - deleted
C:\WINDOWS\Prefetch\DLG.EXE-26114BC1.pf - deleted
C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf - deleted
C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf - deleted
C:\WINDOWS\Prefetch\EXCEL.EXE-13B3F319.pf - deleted
C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf - deleted
C:\WINDOWS\Prefetch\FIND.EXE-09E88DCF.pf - deleted
C:\WINDOWS\Prefetch\FINDSTR.EXE-2BC95C5E.pf - deleted
C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf - deleted
C:\WINDOWS\Prefetch\GRPCONV.EXE-111CD845.pf - deleted
C:\WINDOWS\Prefetch\HELPCTR.EXE-3862B6F5.pf - deleted
C:\WINDOWS\Prefetch\HELPHOST.EXE-247D2792.pf - deleted
C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf - deleted
C:\WINDOWS\Prefetch\HJT.EXE-00830B0E.pf - deleted
C:\WINDOWS\Prefetch\HPQIMZONE.EXE-038F0838.pf - deleted
C:\WINDOWS\Prefetch\HPQSTE08.EXE-18A7280B.pf - deleted
C:\WINDOWS\Prefetch\HPQTHB08.EXE-060DCF16.pf - deleted
C:\WINDOWS\Prefetch\HPQTRA08.EXE-17E37E7E.pf - deleted
C:\WINDOWS\Prefetch\HPRBLOG.EXE-00925A01.pf - deleted
C:\WINDOWS\Prefetch\HPZIPM12.EXE-145E7369.pf - deleted
C:\WINDOWS\Prefetch\IBMTCSD.EXE-10520FD5.pf - deleted
C:\WINDOWS\Prefetch\IDRIVER.EXE-05125BED.pf - deleted
C:\WINDOWS\Prefetch\IDRIVER.EXE-342E2A76.pf - deleted
C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf - deleted
C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf - deleted
C:\WINDOWS\Prefetch\IS-72QIE.TMP-25422E61.pf - deleted
C:\WINDOWS\Prefetch\IS-S3V41.TMP-177C875E.pf - deleted
C:\WINDOWS\Prefetch\ISADMIN.EXE-34B59F8A.pf - deleted
C:\WINDOWS\Prefetch\Layout.ini - deleted
C:\WINDOWS\Prefetch\LOG VIEWER.EXE-1E464F8C.pf - deleted
C:\WINDOWS\Prefetch\LOGMON.EXE-24958F1E.pf - deleted
C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf - deleted
C:\WINDOWS\Prefetch\LS.EXE-08231091.pf - deleted
C:\WINDOWS\Prefetch\MDM.EXE-1EFE14A5.pf - deleted
C:\WINDOWS\Prefetch\MMC.EXE-177D1984.pf - deleted
C:\WINDOWS\Prefetch\MMC.EXE-1EF9AA05.pf - deleted
C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf - deleted
C:\WINDOWS\Prefetch\MSMSGS.EXE-2B6052DE.pf - deleted
C:\WINDOWS\Prefetch\MSNMSGR.EXE-366A1A81.pf - deleted
C:\WINDOWS\Prefetch\MVC.EXE-13C0094F.pf - deleted
C:\WINDOWS\Prefetch\NET.EXE-01A53C2F.pf - deleted
C:\WINDOWS\Prefetch\NET1.EXE-029B9DB4.pf - deleted
C:\WINDOWS\Prefetch\NIRCMD.CFEXE-02460B29.pf - deleted
C:\WINDOWS\Prefetch\NIRCMD.COM-223F42C3.pf - deleted
C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf - deleted
C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf - deleted
C:\WINDOWS\Prefetch\NTVDM.EXE-1A10A423.pf - deleted
C:\WINDOWS\Prefetch\R1PUNINST.EXE-3A2B61F5.pf - deleted
C:\WINDOWS\Prefetch\READER_SL.EXE-3614FA6E.pf - deleted
C:\WINDOWS\Prefetch\REG.EXE-0D2A95F7.pf - deleted
C:\WINDOWS\Prefetch\REG.EXE-2004C8E0.pf - deleted
C:\WINDOWS\Prefetch\REGEDIT.EXE-1B606482.pf - deleted
C:\WINDOWS\Prefetch\REGEDIT.EXE-390ED0DE.pf - deleted
C:\WINDOWS\Prefetch\REGSRVC.EXE-19D06F0A.pf - deleted
C:\WINDOWS\Prefetch\RRCMD.EXE-02EB7F2C.pf - deleted
C:\WINDOWS\Prefetch\RRSERVICE.EXE-05E23830.pf - deleted
C:\WINDOWS\Prefetch\RTVSCAN.EXE-3A4C9DE3.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-11B9E729.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-13DA0E71.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-147710F4.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-172C7372.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-1831A4F3.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-280E21FA.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-3520B5B3.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-36E71144.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-3F83063D.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-4489B61B.pf - deleted
C:\WINDOWS\Prefetch\RUNONCE.EXE-2803F297.pf - deleted
C:\WINDOWS\Prefetch\SET7F3B.TMP-3A31D2DF.pf - deleted
C:\WINDOWS\Prefetch\SETUP.EXE-1585F7E0.pf - deleted
C:\WINDOWS\Prefetch\SETUP.EXE-33F83361.pf - deleted
C:\WINDOWS\Prefetch\SHOWHTML.EXE-0F7DD3C5.pf - deleted
C:\WINDOWS\Prefetch\SNDVOL32.EXE-383480B7.pf - deleted
C:\WINDOWS\Prefetch\SOFFICE.BIN-1CB0E218.pf - deleted
C:\WINDOWS\Prefetch\SOFFICE.EXE-24A0773F.pf - deleted
C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf - deleted
C:\WINDOWS\Prefetch\SWREG.EXE-14780C9A.pf - deleted
C:\WINDOWS\Prefetch\SWSC.EXE-1B7F0DFA.pf - deleted
C:\WINDOWS\Prefetch\SYMSPORT.EXE-0626E887.pf - deleted
C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf - deleted
C:\WINDOWS\Prefetch\TCPSVCS.EXE-05847ECC.pf - deleted
C:\WINDOWS\Prefetch\TP4EX.EXE-321A93B8.pf - deleted
C:\WINDOWS\Prefetch\TPHDEXLG.EXE-21456D5D.pf - deleted
C:\WINDOWS\Prefetch\TPKMPSVC.EXE-0834B88E.pf - deleted
C:\WINDOWS\Prefetch\TPSHOCKS.EXE-2B61E88E.pf - deleted
C:\WINDOWS\Prefetch\TVTSCHED.EXE-0C9F0ACC.pf - deleted
C:\WINDOWS\Prefetch\UNINS000.EXE-047BEDEE.pf - deleted
C:\WINDOWS\Prefetch\UPDCLIENT.EXE-215FC96B.pf - deleted
C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf - deleted
C:\WINDOWS\Prefetch\USNSVC.EXE-373E4DBC.pf - deleted
C:\WINDOWS\Prefetch\UTILMAN.EXE-0985F07B.pf - deleted
C:\WINDOWS\Prefetch\VS7JIT.EXE-01A88C4C.pf - deleted
C:\WINDOWS\Prefetch\WINRAR.EXE-39C6DAD9.pf - deleted
C:\WINDOWS\Prefetch\WMIADAP.EXE-2DF425B2.pf - deleted
C:\WINDOWS\Prefetch\WMIAPSRV.EXE-1E2270A5.pf - deleted
C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf - deleted
C:\WINDOWS\Prefetch\WMPLAYER.EXE-18DDEFA1.pf - deleted
C:\WINDOWS\Prefetch\WSCNTFY.EXE-1B24F5EB.pf - deleted
C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf - deleted
C:\WINDOWS\Prefetch\XCOPY.EXE-21FC761A.pf - deleted
C:\WINDOWS\Prefetch\ZIP.EXE-03A98C6D.pf - deleted
C:\WINDOWS\Prefetch\ZLCLIENT.EXE-1C550EB2.pf - deleted
C:\WINDOWS\Prefetch\_IU14D2N.TMP-30CCC11F.pf - deleted
'Run MRU' list - removed from the registry.
Explorer Open/Save MRU list - removed from the registry.
Explorer Last Visited MRU list - removed from the registry.
Telnet's MRU list - removed from the registry.
CleanUp! 4.5.2 recovered 5.8 MB of disk space from 133 files.
CleanUp! finished on 04/17/08 00:32:30.
CleanUp! started on 04/17/08 00:32:29.
C:\Documents and Settings\Mistral\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\Local Settings\Historique\History.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\Local Settings\Historique\History.IE5\MSHist012008041620080417\index.dat currently in use. Will be deleted when Windows is restarted.
'Typed URLs' (Internet Explorer) - removed from the registry.
C:\Documents and Settings\Mistral\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\Application Data\Mozilla\Firefox\Profiles\24ez7jt5.default\history.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\Application Data\Mozilla\Firefox\Profiles\24ez7jt5.default\cookies.txt.old - deleted
C:\DOCUME~1\Mistral\LOCALS~1\Temp\hpodvd09.log currently in use. Will be deleted when Windows is restarted.
C:\DOCUME~1\Mistral\LOCALS~1\Temp\java_install_reg.log - deleted
C:\DOCUME~1\Mistral\LOCALS~1\Temp\jusched.log - deleted
C:\DOCUME~1\Mistral\LOCALS~1\Temp\Perflib_Perfdata_fc0.dat currently in use. Will be deleted when Windows is restarted.
C:\DOCUME~1\Mistral\LOCALS~1\Temp\~DF2957.tmp currently in use. Will be deleted when Windows is restarted.
C:\DOCUME~1\Mistral\LOCALS~1\Temp\hsperfdata_Mistral\ - deleted
C:\DOCUME~1\Mistral\LOCALS~1\Temp\hpodvd09.log currently in use. Will be deleted when Windows is restarted.
C:\DOCUME~1\Mistral\LOCALS~1\Temp\Perflib_Perfdata_fc0.dat currently in use. Will be deleted when Windows is restarted.
C:\DOCUME~1\Mistral\LOCALS~1\Temp\~DF2957.tmp currently in use. Will be deleted when Windows is restarted.
C:\WINDOWS\temp\Perflib_Perfdata_1e4.dat currently in use. Will be deleted when Windows is restarted.
C:\WINDOWS\temp\vtclrg41.tmp currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\NetworkService\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\NetworkService\locals~1\tempor~1\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\NetworkService\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\locals~1\tempor~1\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\Local Settings\Temp\hpodvd09.log currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\Local Settings\Temp\Perflib_Perfdata_fc0.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\Local Settings\Temp\~DF2957.tmp currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Mistral\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\LocalService\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\LocalService\locals~1\tempor~1\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\LocalService\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\WINDOWS\Prefetch\ACMUROCHLPR.EXE-2E667F3A.pf - deleted
C:\WINDOWS\Prefetch\ACRORD32INFO.EXE-013EA364.pf - deleted
C:\WINDOWS\Prefetch\ACSVC.EXE-206ED8CF.pf - deleted
C:\WINDOWS\Prefetch\AD-AWARE2007.EXE-0CF9A7E5.pf - deleted
C:\WINDOWS\Prefetch\AD-WATCH2007.EXE-0622402D.pf - deleted
C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf - deleted
C:\WINDOWS\Prefetch\ATI2EVXX.EXE-19D16EB9.pf - deleted
C:\WINDOWS\Prefetch\AVGAM.EXE-1C82112E.pf - deleted
C:\WINDOWS\Prefetch\AVGAS.EXE-27525987.pf - deleted
C:\WINDOWS\Prefetch\AVGCMGR.EXE-1D29CBA8.pf - deleted
C:\WINDOWS\Prefetch\AVGNSX.EXE-3B2A5A79.pf - deleted
C:\WINDOWS\Prefetch\AVGRSX.EXE-1893543C.pf - deleted
C:\WINDOWS\Prefetch\AVGTRAY.EXE-17920267.pf - deleted
C:\WINDOWS\Prefetch\AVGUI.EXE-388E181A.pf - deleted
C:\WINDOWS\Prefetch\BR_FUNCS.EXE-183E70A5.pf - deleted
C:\WINDOWS\Prefetch\BTSTAC~1.EXE-22A3B15B.pf - deleted
C:\WINDOWS\Prefetch\BTTRAY.EXE-23487190.pf - deleted
C:\WINDOWS\Prefetch\CATCHME.EXE-159DDF12.pf - deleted
C:\WINDOWS\Prefetch\CLIPTEXT.EXE-1606842F.pf - deleted
C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf - deleted
C:\WINDOWS\Prefetch\COMBOFIX.EXE-08D9E4F8.pf - deleted
C:\WINDOWS\Prefetch\CONTROL.EXE-013DBFB5.pf - deleted
C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf - deleted
C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf - deleted
C:\WINDOWS\Prefetch\DFRGNTFS.EXE-1B4CF28D.pf - deleted
C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf - deleted
C:\WINDOWS\Prefetch\DKICON.EXE-205BEF4B.pf - deleted
C:\WINDOWS\Prefetch\DKSERVICE.EXE-2C7F128B.pf - deleted
C:\WINDOWS\Prefetch\DLG.EXE-26114BC1.pf - deleted
C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf - deleted
C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf - deleted
C:\WINDOWS\Prefetch\EXCEL.EXE-13B3F319.pf - deleted
C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf - deleted
C:\WINDOWS\Prefetch\FIND.EXE-09E88DCF.pf - deleted
C:\WINDOWS\Prefetch\FINDSTR.EXE-2BC95C5E.pf - deleted
C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf - deleted
C:\WINDOWS\Prefetch\GRPCONV.EXE-111CD845.pf - deleted
C:\WINDOWS\Prefetch\HELPCTR.EXE-3862B6F5.pf - deleted
C:\WINDOWS\Prefetch\HELPHOST.EXE-247D2792.pf - deleted
C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf - deleted
C:\WINDOWS\Prefetch\HJT.EXE-00830B0E.pf - deleted
C:\WINDOWS\Prefetch\HPQIMZONE.EXE-038F0838.pf - deleted
C:\WINDOWS\Prefetch\HPQSTE08.EXE-18A7280B.pf - deleted
C:\WINDOWS\Prefetch\HPQTHB08.EXE-060DCF16.pf - deleted
C:\WINDOWS\Prefetch\HPQTRA08.EXE-17E37E7E.pf - deleted
C:\WINDOWS\Prefetch\HPRBLOG.EXE-00925A01.pf - deleted
C:\WINDOWS\Prefetch\HPZIPM12.EXE-145E7369.pf - deleted
C:\WINDOWS\Prefetch\IBMTCSD.EXE-10520FD5.pf - deleted
C:\WINDOWS\Prefetch\IDRIVER.EXE-05125BED.pf - deleted
C:\WINDOWS\Prefetch\IDRIVER.EXE-342E2A76.pf - deleted
C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf - deleted
C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf - deleted
C:\WINDOWS\Prefetch\IS-72QIE.TMP-25422E61.pf - deleted
C:\WINDOWS\Prefetch\IS-S3V41.TMP-177C875E.pf - deleted
C:\WINDOWS\Prefetch\ISADMIN.EXE-34B59F8A.pf - deleted
C:\WINDOWS\Prefetch\Layout.ini - deleted
C:\WINDOWS\Prefetch\LOG VIEWER.EXE-1E464F8C.pf - deleted
C:\WINDOWS\Prefetch\LOGMON.EXE-24958F1E.pf - deleted
C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf - deleted
C:\WINDOWS\Prefetch\LS.EXE-08231091.pf - deleted
C:\WINDOWS\Prefetch\MDM.EXE-1EFE14A5.pf - deleted
C:\WINDOWS\Prefetch\MMC.EXE-177D1984.pf - deleted
C:\WINDOWS\Prefetch\MMC.EXE-1EF9AA05.pf - deleted
C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf - deleted
C:\WINDOWS\Prefetch\MSMSGS.EXE-2B6052DE.pf - deleted
C:\WINDOWS\Prefetch\MSNMSGR.EXE-366A1A81.pf - deleted
C:\WINDOWS\Prefetch\MVC.EXE-13C0094F.pf - deleted
C:\WINDOWS\Prefetch\NET.EXE-01A53C2F.pf - deleted
C:\WINDOWS\Prefetch\NET1.EXE-029B9DB4.pf - deleted
C:\WINDOWS\Prefetch\NIRCMD.CFEXE-02460B29.pf - deleted
C:\WINDOWS\Prefetch\NIRCMD.COM-223F42C3.pf - deleted
C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf - deleted
C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf - deleted
C:\WINDOWS\Prefetch\NTVDM.EXE-1A10A423.pf - deleted
C:\WINDOWS\Prefetch\R1PUNINST.EXE-3A2B61F5.pf - deleted
C:\WINDOWS\Prefetch\READER_SL.EXE-3614FA6E.pf - deleted
C:\WINDOWS\Prefetch\REG.EXE-0D2A95F7.pf - deleted
C:\WINDOWS\Prefetch\REG.EXE-2004C8E0.pf - deleted
C:\WINDOWS\Prefetch\REGEDIT.EXE-1B606482.pf - deleted
C:\WINDOWS\Prefetch\REGEDIT.EXE-390ED0DE.pf - deleted
C:\WINDOWS\Prefetch\REGSRVC.EXE-19D06F0A.pf - deleted
C:\WINDOWS\Prefetch\RRCMD.EXE-02EB7F2C.pf - deleted
C:\WINDOWS\Prefetch\RRSERVICE.EXE-05E23830.pf - deleted
C:\WINDOWS\Prefetch\RTVSCAN.EXE-3A4C9DE3.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-11B9E729.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-13DA0E71.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-147710F4.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-172C7372.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-1831A4F3.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-280E21FA.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-3520B5B3.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-36E71144.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-3F83063D.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-4489B61B.pf - deleted
C:\WINDOWS\Prefetch\RUNONCE.EXE-2803F297.pf - deleted
C:\WINDOWS\Prefetch\SET7F3B.TMP-3A31D2DF.pf - deleted
C:\WINDOWS\Prefetch\SETUP.EXE-1585F7E0.pf - deleted
C:\WINDOWS\Prefetch\SETUP.EXE-33F83361.pf - deleted
C:\WINDOWS\Prefetch\SHOWHTML.EXE-0F7DD3C5.pf - deleted
C:\WINDOWS\Prefetch\SNDVOL32.EXE-383480B7.pf - deleted
C:\WINDOWS\Prefetch\SOFFICE.BIN-1CB0E218.pf - deleted
C:\WINDOWS\Prefetch\SOFFICE.EXE-24A0773F.pf - deleted
C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf - deleted
C:\WINDOWS\Prefetch\SWREG.EXE-14780C9A.pf - deleted
C:\WINDOWS\Prefetch\SWSC.EXE-1B7F0DFA.pf - deleted
C:\WINDOWS\Prefetch\SYMSPORT.EXE-0626E887.pf - deleted
C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf - deleted
C:\WINDOWS\Prefetch\TCPSVCS.EXE-05847ECC.pf - deleted
C:\WINDOWS\Prefetch\TP4EX.EXE-321A93B8.pf - deleted
C:\WINDOWS\Prefetch\TPHDEXLG.EXE-21456D5D.pf - deleted
C:\WINDOWS\Prefetch\TPKMPSVC.EXE-0834B88E.pf - deleted
C:\WINDOWS\Prefetch\TPSHOCKS.EXE-2B61E88E.pf - deleted
C:\WINDOWS\Prefetch\TVTSCHED.EXE-0C9F0ACC.pf - deleted
C:\WINDOWS\Prefetch\UNINS000.EXE-047BEDEE.pf - deleted
C:\WINDOWS\Prefetch\UPDCLIENT.EXE-215FC96B.pf - deleted
C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf - deleted
C:\WINDOWS\Prefetch\USNSVC.EXE-373E4DBC.pf - deleted
C:\WINDOWS\Prefetch\UTILMAN.EXE-0985F07B.pf - deleted
C:\WINDOWS\Prefetch\VS7JIT.EXE-01A88C4C.pf - deleted
C:\WINDOWS\Prefetch\WINRAR.EXE-39C6DAD9.pf - deleted
C:\WINDOWS\Prefetch\WMIADAP.EXE-2DF425B2.pf - deleted
C:\WINDOWS\Prefetch\WMIAPSRV.EXE-1E2270A5.pf - deleted
C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf - deleted
C:\WINDOWS\Prefetch\WMPLAYER.EXE-18DDEFA1.pf - deleted
C:\WINDOWS\Prefetch\WSCNTFY.EXE-1B24F5EB.pf - deleted
C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf - deleted
C:\WINDOWS\Prefetch\XCOPY.EXE-21FC761A.pf - deleted
C:\WINDOWS\Prefetch\ZIP.EXE-03A98C6D.pf - deleted
C:\WINDOWS\Prefetch\ZLCLIENT.EXE-1C550EB2.pf - deleted
C:\WINDOWS\Prefetch\_IU14D2N.TMP-30CCC11F.pf - deleted
'Run MRU' list - removed from the registry.
Explorer Open/Save MRU list - removed from the registry.
Explorer Last Visited MRU list - removed from the registry.
Telnet's MRU list - removed from the registry.
CleanUp! 4.5.2 recovered 5.8 MB of disk space from 133 files.
CleanUp! finished on 04/17/08 00:32:30.
Bonjour!
Euh pour Clean c'est quel fichier que je dois uploader: upload_moi.tar ou upload_moi.taR.gz (Le premier est beaucoup plus gros que le deuxième)
++
Euh pour Clean c'est quel fichier que je dois uploader: upload_moi.tar ou upload_moi.taR.gz (Le premier est beaucoup plus gros que le deuxième)
++
lilangel
Messages postés
21
Date d'inscription
mardi 15 avril 2008
Statut
Membre
Dernière intervention
25 mai 2008
17 avril 2008 à 09:04
17 avril 2008 à 09:04
Re,
Aussi mon ordi me dit que symantec anti virus est périmé malgré les mises à jours que j'ai fait faire. Suis-je bien protégée quand même?
++
Aussi mon ordi me dit que symantec anti virus est périmé malgré les mises à jours que j'ai fait faire. Suis-je bien protégée quand même?
++
Utilisateur anonyme
17 avril 2008 à 09:54
17 avril 2008 à 09:54
Re ,
Pour l'upload , envoi les deux ;)
Sinon pour Symantec , si tu n'arrives pas à expiration de ta licence , y a pas de soucis à avoir.
En plus , il se lance au démarrage et apparait dans les processus.
Le rapport Clean stp.
++
Pour l'upload , envoi les deux ;)
Sinon pour Symantec , si tu n'arrives pas à expiration de ta licence , y a pas de soucis à avoir.
En plus , il se lance au démarrage et apparait dans les processus.
Le rapport Clean stp.
++
lilangel
Messages postés
21
Date d'inscription
mardi 15 avril 2008
Statut
Membre
Dernière intervention
25 mai 2008
17 avril 2008 à 12:15
17 avril 2008 à 12:15
Ya un beug, quand j'envoye un fichier ca me met fichier invalide et quand je met l'autre, ca me met rien^^
++
++
Utilisateur anonyme
17 avril 2008 à 17:08
17 avril 2008 à 17:08
^^
Laisse tomber l'upload alors ...
Mon rapport Clean stp :)
++
Laisse tomber l'upload alors ...
Mon rapport Clean stp :)
++
lilangel
Messages postés
21
Date d'inscription
mardi 15 avril 2008
Statut
Membre
Dernière intervention
25 mai 2008
17 avril 2008 à 18:05
17 avril 2008 à 18:05
Rectification, c'est bon je l'ai trouvé
17/04/2008 a 18:05:42,59
*** Recherche des fichiers dans C:
*** Recherche des fichiers dans C:\WINDOWS\
*** Recherche des fichiers dans C:\WINDOWS\system32
"C:\WINDOWS\Downloaded Program Files\CONFLICT.1" FOUND
*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\Viewpoint\" FOUND
A mon avis il est incomplet non?
17/04/2008 a 18:05:42,59
*** Recherche des fichiers dans C:
*** Recherche des fichiers dans C:\WINDOWS\
*** Recherche des fichiers dans C:\WINDOWS\system32
"C:\WINDOWS\Downloaded Program Files\CONFLICT.1" FOUND
*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\Viewpoint\" FOUND
A mon avis il est incomplet non?
Utilisateur anonyme
17 avril 2008 à 19:08
17 avril 2008 à 19:08
Re ,
Non il n'est pas incomplet ;)
→ Redémarre en MSE
Autre tutorials pour MSE:
https://www.micro-astuce.com/depannage/demarrer-mode-sans-echec.php
http://www.coupdepoucepc.com/modules/news/article.php?storyid=253
→ Re-lance clean -> Choisis l'option 2
---Clean va travailler.---
→ Un rapport Va etre généré , poste le moi ;)
( Le rapport est aussi sauvegardé dans C:\Rapport_clean.txt )
A+
Non il n'est pas incomplet ;)
→ Redémarre en MSE
Autre tutorials pour MSE:
https://www.micro-astuce.com/depannage/demarrer-mode-sans-echec.php
http://www.coupdepoucepc.com/modules/news/article.php?storyid=253
→ Re-lance clean -> Choisis l'option 2
---Clean va travailler.---
→ Un rapport Va etre généré , poste le moi ;)
( Le rapport est aussi sauvegardé dans C:\Rapport_clean.txt )
A+
lilangel
Messages postés
21
Date d'inscription
mardi 15 avril 2008
Statut
Membre
Dernière intervention
25 mai 2008
17 avril 2008 à 20:21
17 avril 2008 à 20:21
Re,
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 17/04/2008 a 20:04:57,82
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans C:
*** Suppression des fichiers dans C:\WINDOWS\
*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de "C:\WINDOWS\Downloaded Program Files\CONFLICT.1"
*** Suppression des fichiers dans C:\Program Files
tentative de suppression de "C:\Program Files\Viewpoint\"
*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
++
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 17/04/2008 a 20:04:57,82
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans C:
*** Suppression des fichiers dans C:\WINDOWS\
*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de "C:\WINDOWS\Downloaded Program Files\CONFLICT.1"
*** Suppression des fichiers dans C:\Program Files
tentative de suppression de "C:\Program Files\Viewpoint\"
*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
++
Utilisateur anonyme
17 avril 2008 à 20:26
17 avril 2008 à 20:26
Re ,
_Maintenant , nous allons supprimer les logiciels de désinfection que je t'ai fait téléchargé.
En effet , s'en servir est dangereux pour le pc si l'on ne s'y connais pas.
De plus ils sont mis régulièrement à jours.
→ Ferme toutes les applications en cours, puis télécharge ToolsCleaner2 sur ton Bureau.
→ Double clique sur ToolsCleaner2.exe >
→ Clique sur .Recherche
→ puis sur Suppression quand la liste est trouvée.
→ Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note : ton bureau RISQUE de disparaître, c'est normal. S'il n'apparaît pas à la fin du scan, fais la manip suivante :
CTRL+ALT+SUPP pour ouvrir le Gestionnaire des tâches.
Puis rends toi à l'onglet "Processus". Clique en haut à gauche sur Fichiers et choisis "Exécuter"
Tape explorer.exe et valide. Cela fera re-apparaître le Bureau
Tuto : http://www.commentcamarche.net/faq/sujet 8341 toolscleaner suppression des fix de force brute ( merci espion3004 )
****************************
Maintenant que ton PC n'est plus infecté, désactive ta "Restauration du système" puis réactive la, ce qui créer un point de restauration sain...
Désactivation :
Clique droit sur le "Poste de travail" > Propriétés > onglet "Restauration du système" > coche la case "Désactiver la Restauration du système sur tous les lecteurs"
> Applique patiente jusqu’à ce que cela soit marqué "désactivé" puis Ok.
Activation :
Suivre le même chemin ; décoche la case "Désactiver la Restauration du système sur tous les lecteurs"
> Applique attends que cela soit à nouveau sur "surveillance" puis Ok. Redémarre l'ordinateur.
+++
_Maintenant , nous allons supprimer les logiciels de désinfection que je t'ai fait téléchargé.
En effet , s'en servir est dangereux pour le pc si l'on ne s'y connais pas.
De plus ils sont mis régulièrement à jours.
→ Ferme toutes les applications en cours, puis télécharge ToolsCleaner2 sur ton Bureau.
→ Double clique sur ToolsCleaner2.exe >
→ Clique sur .Recherche
→ puis sur Suppression quand la liste est trouvée.
→ Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note : ton bureau RISQUE de disparaître, c'est normal. S'il n'apparaît pas à la fin du scan, fais la manip suivante :
CTRL+ALT+SUPP pour ouvrir le Gestionnaire des tâches.
Puis rends toi à l'onglet "Processus". Clique en haut à gauche sur Fichiers et choisis "Exécuter"
Tape explorer.exe et valide. Cela fera re-apparaître le Bureau
Tuto : http://www.commentcamarche.net/faq/sujet 8341 toolscleaner suppression des fix de force brute ( merci espion3004 )
****************************
Maintenant que ton PC n'est plus infecté, désactive ta "Restauration du système" puis réactive la, ce qui créer un point de restauration sain...
Désactivation :
Clique droit sur le "Poste de travail" > Propriétés > onglet "Restauration du système" > coche la case "Désactiver la Restauration du système sur tous les lecteurs"
> Applique patiente jusqu’à ce que cela soit marqué "désactivé" puis Ok.
Activation :
Suivre le même chemin ; décoche la case "Désactiver la Restauration du système sur tous les lecteurs"
> Applique attends que cela soit à nouveau sur "surveillance" puis Ok. Redémarre l'ordinateur.
+++
-->- Recherche:
C:\FixWareOut: trouvé !
C:\Qoobox: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Mistral\Bureau\SdFix.exe: trouvé !
C:\Documents and Settings\Mistral\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Mistral\Bureau\FixWareout.exe: trouvé !
C:\Documents and Settings\Mistral\Bureau\Clean.zip: trouvé !
C:\Documents and Settings\Mistral\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\Mistral\Bureau\clean\tar.exe: trouvé !
C:\Documents and Settings\Mistral\Bureau\clean\remove.reg: trouvé !
C:\Documents and Settings\Mistral\Bureau\clean\pskill.exe: trouvé !
C:\Documents and Settings\Mistral\Bureau\clean\LFiles.exe: trouvé !
C:\Documents and Settings\Mistral\Bureau\clean\gzip.exe: trouvé !
C:\Documents and Settings\Mistral\Bureau\clean\delsiri.cmd: trouvé !
C:\Documents and Settings\Mistral\Bureau\clean\delr.cmd: trouvé !
C:\Documents and Settings\Mistral\Bureau\clean\del3.cmd: trouvé !
C:\Documents and Settings\Mistral\Bureau\clean\del2.cmd: trouvé !
C:\Documents and Settings\Mistral\Bureau\clean\clean.cmd: trouvé !
C:\Documents and Settings\Mistral\Bureau\clean\cherche.cmd: trouvé !
C:\Program Files\ThinkPad\Bluetooth Software\gzip.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\QooBox\Quarantine\C\SDFIX: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Mistral\Bureau\SdFix.exe: supprimé !
C:\Documents and Settings\Mistral\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Mistral\Bureau\FixWareout.exe: supprimé !
C:\Documents and Settings\Mistral\Bureau\Clean.zip: supprimé !
C:\Documents and Settings\Mistral\Bureau\ComboFix.exe: supprimé !
C:\Documents and Settings\Mistral\Bureau\clean\tar.exe: supprimé !
C:\Documents and Settings\Mistral\Bureau\clean\remove.reg: supprimé !
C:\Documents and Settings\Mistral\Bureau\clean\pskill.exe: supprimé !
C:\Documents and Settings\Mistral\Bureau\clean\LFiles.exe: supprimé !
C:\Documents and Settings\Mistral\Bureau\clean\gzip.exe: supprimé !
C:\Documents and Settings\Mistral\Bureau\clean\delsiri.cmd: supprimé !
C:\Documents and Settings\Mistral\Bureau\clean\delr.cmd: supprimé !
C:\Documents and Settings\Mistral\Bureau\clean\del3.cmd: supprimé !
C:\Documents and Settings\Mistral\Bureau\clean\del2.cmd: supprimé !
C:\Documents and Settings\Mistral\Bureau\clean\clean.cmd: supprimé !
C:\Documents and Settings\Mistral\Bureau\clean\cherche.cmd: supprimé !
C:\Program Files\ThinkPad\Bluetooth Software\gzip.exe: supprimé !
C:\FixWareOut: supprimé !
C:\Qoobox: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
Voila! C'est bon?
++
C:\FixWareOut: trouvé !
C:\Qoobox: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Mistral\Bureau\SdFix.exe: trouvé !
C:\Documents and Settings\Mistral\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Mistral\Bureau\FixWareout.exe: trouvé !
C:\Documents and Settings\Mistral\Bureau\Clean.zip: trouvé !
C:\Documents and Settings\Mistral\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\Mistral\Bureau\clean\tar.exe: trouvé !
C:\Documents and Settings\Mistral\Bureau\clean\remove.reg: trouvé !
C:\Documents and Settings\Mistral\Bureau\clean\pskill.exe: trouvé !
C:\Documents and Settings\Mistral\Bureau\clean\LFiles.exe: trouvé !
C:\Documents and Settings\Mistral\Bureau\clean\gzip.exe: trouvé !
C:\Documents and Settings\Mistral\Bureau\clean\delsiri.cmd: trouvé !
C:\Documents and Settings\Mistral\Bureau\clean\delr.cmd: trouvé !
C:\Documents and Settings\Mistral\Bureau\clean\del3.cmd: trouvé !
C:\Documents and Settings\Mistral\Bureau\clean\del2.cmd: trouvé !
C:\Documents and Settings\Mistral\Bureau\clean\clean.cmd: trouvé !
C:\Documents and Settings\Mistral\Bureau\clean\cherche.cmd: trouvé !
C:\Program Files\ThinkPad\Bluetooth Software\gzip.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\QooBox\Quarantine\C\SDFIX: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Mistral\Bureau\SdFix.exe: supprimé !
C:\Documents and Settings\Mistral\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Mistral\Bureau\FixWareout.exe: supprimé !
C:\Documents and Settings\Mistral\Bureau\Clean.zip: supprimé !
C:\Documents and Settings\Mistral\Bureau\ComboFix.exe: supprimé !
C:\Documents and Settings\Mistral\Bureau\clean\tar.exe: supprimé !
C:\Documents and Settings\Mistral\Bureau\clean\remove.reg: supprimé !
C:\Documents and Settings\Mistral\Bureau\clean\pskill.exe: supprimé !
C:\Documents and Settings\Mistral\Bureau\clean\LFiles.exe: supprimé !
C:\Documents and Settings\Mistral\Bureau\clean\gzip.exe: supprimé !
C:\Documents and Settings\Mistral\Bureau\clean\delsiri.cmd: supprimé !
C:\Documents and Settings\Mistral\Bureau\clean\delr.cmd: supprimé !
C:\Documents and Settings\Mistral\Bureau\clean\del3.cmd: supprimé !
C:\Documents and Settings\Mistral\Bureau\clean\del2.cmd: supprimé !
C:\Documents and Settings\Mistral\Bureau\clean\clean.cmd: supprimé !
C:\Documents and Settings\Mistral\Bureau\clean\cherche.cmd: supprimé !
C:\Program Files\ThinkPad\Bluetooth Software\gzip.exe: supprimé !
C:\FixWareOut: supprimé !
C:\Qoobox: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
Voila! C'est bon?
++
Utilisateur anonyme
17 avril 2008 à 21:01
17 avril 2008 à 21:01
Re ,
Si tu as créé un nouveau point de restauration , c'est ok :)
Mon aide s'arrête la , si tu as des questions ...
++
Si tu as créé un nouveau point de restauration , c'est ok :)
Mon aide s'arrête la , si tu as des questions ...
++
