PC severely slowed down

Closed
xNewlifebobbax - Posts: 79 - Registered: Sunday 5 June 2011 - Status: Member - Last activity: 2 January 2013 - 19 Jul 2012 at 01:02
 Anonymous user - 22 Jul 2012 at 03:35
Hello, so my problem is that I ran an antivirus, antimalware, anti-adware, CCleaner, Defraggler, Glary Utilities (Pro), disabled programs at startup (MSCONFIG), and my PC is lagging badly. When I want to go to Google I have to wait 20 seconds, Skype stops working, Google Chrome closes by itself, Windows Explorer has stopped working, and my built-in webcam no longer works. Please help me, my PC is on strike!

21 replies

Anonymous user
19 Jul 2012 at 02:20
Hi

anti-adware => bin it if it's Ad-Aware or Spybot
Glary Utilities => bin it, that thing is only good for wrecking a system

===

Warning: this tool may be wrongly detected as a virus

All "non-vital Windows processes" will be killed, so save your work.

Disable all your protections if possible: antivirus, sandbox, etc.

Download and save Pre_Scan to your desktop:

http://forums-fec.be/gen-hackman/Pre_Scan.exe
http://general-changelog-team.fr/fr/downloads/viewdownload/41-outils-de-gen-hackman/52-pre-scan

Warning: the desktop will disappear during the scan --> don't panic.

Once it is downloaded, run it and let the scan run until "Pre_scan_the_date_and_time.txt" appears on the desktop.

If the tool is run again several times, it will offer you a menu; if no particular option has been asked for, run the "Kill" option.

If the tool is blocked by the infection, use this version with the .pif extension:

http://forums-fec.be/gen-hackman/Pre_Scan.pif

If the tool detects a proxy and you have not installed one, click "supprimer le proxy" (remove the proxy).

A multitude of black windows may flash; let it work.

Post the Pre_Scan_the_date_and_time.txt that will appear on the desktop at the end of the scan


DO NOT POST IT ON THE FORUM!!! (it is too long)

Host the report on http://pjjoint.malekal.com then give the link you get in return on the forum where you are being helped
0
xNewlifebobbax - Posts: 79 - Registered: Sunday 5 June 2011 - Status: Member - Last activity: 2 January 2013
19 Jul 2012 at 21:51
HELP!!! The program told me there was an error with explorer.exe!!! It restarts the PC (it asks me), I click OK and I no longer have a screen! I can still use CTRL+ALT+DEL and so I can still use Run (that's how I got Google Chrome). Explorer.exe cannot be found, even with RUN. I need you urgently, thank you!
0
Oh really?

Type cmd in Run

then type

dir /s explorer.exe

So you freaked me out for nothing; I pulled it from circulation, but on my machine it runs fine.... I'll still test it all the way up to Windows 8, and if nothing turns up I'll put it back online
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan_Concept ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0
xNewlifebobbax - Posts: 79 - Registered: Sunday 5 June 2011 - Status: Member - Last activity: 2 January 2013
20 Jul 2012 at 00:54
I did it; it tells me "Le volume dans le lecteur C s'appelle ACER", then "Le numéro de série du volume ***** (<- I'll give it if asked), and the same result = Fichier introuvable (file not found).

Would it work if I took it from another PC (same as mine, VISTA)?

And sorry for freaking you out (lol); otherwise the software looks really good, but my PC has had a lot of crashes lately with explorer.exe stopping working...
0

OK, you could have told me earlier that explorer was already acting up, lol. No, the hard drive number is not important

My bad, I made a mistake, it's:

dir /s c:\explorer.exe
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan_Concept ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0
xNewlifebobbax - Posts: 79 - Registered: Sunday 5 June 2011 - Status: Member - Last activity: 2 January 2013
20 Jul 2012 at 12:55
6 fichier(s) 17 555 456 octets
0 Rép(s) 114 927 763 456 octets libres

And now I don't know whether it's E: F: ... because E and F don't work ...

And thank you for your help, which is precious to me :-)
0
lol, if I don't have the file paths.....

so do this:

dir /s c:\explorer.exe >> c:\a.txt

Enter

notepad.exe c:\a.txt

Enter

paste the contents of what opens
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan_Concept ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0
xNewlifebobbax - Posts: 79 - Registered: Sunday 5 June 2011 - Status: Member - Last activity: 2 January 2013
20 Jul 2012 at 13:55
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 642A-F713

Répertoire de c:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3

29/10/2008 08:20 2 923 520 explorer.exe
1 fichier(s) 2 923 520 octets

Répertoire de c:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b

28/10/2008 04:15 2 923 520 explorer.exe
1 fichier(s) 2 923 520 octets

Répertoire de c:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf

21/01/2008 04:24 2 927 104 explorer.exe
1 fichier(s) 2 927 104 octets

Répertoire de c:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8

29/10/2008 08:29 2 927 104 explorer.exe
1 fichier(s) 2 927 104 octets

Répertoire de c:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1

30/10/2008 05:59 2 927 616 explorer.exe
1 fichier(s) 2 927 616 octets

Répertoire de c:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b

11/04/2009 08:27 2 926 592 explorer.exe
1 fichier(s) 2 926 592 octets

Total des fichiers listés :
6 fichier(s) 17 555 456 octets
0 Rép(s) 114 919 178 240 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 642A-F713

Répertoire de c:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3

29/10/2008 08:20 2 923 520 explorer.exe
1 fichier(s) 2 923 520 octets

Répertoire de c:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b

28/10/2008 04:15 2 923 520 explorer.exe
1 fichier(s) 2 923 520 octets

Répertoire de c:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf

21/01/2008 04:24 2 927 104 explorer.exe
1 fichier(s) 2 927 104 octets

Répertoire de c:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8

29/10/2008 08:29 2 927 104 explorer.exe
1 fichier(s) 2 927 104 octets

Répertoire de c:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1

30/10/2008 05:59 2 927 616 explorer.exe
1 fichier(s) 2 927 616 octets

Répertoire de c:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b

11/04/2009 08:27 2 926 592 explorer.exe
1 fichier(s) 2 926 592 octets

Total des fichiers listés :
6 fichier(s) 17 555 456 octets
0 Rép(s) 114 919 145 472 octets libres
0
type or paste this:

copy /y "c:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe" "%Windir%\explorer.exe"

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan_Concept ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0
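A way to check the result of the copy command in the post above, as an added example that is not part of the original thread: a cmd batch script that compares the restored %Windir%\explorer.exe byte for byte with the WinSxS copy it was taken from, then asks Windows Resource Protection to verify the file. The paths are the ones posted in the thread; the variable names SRC and DST are this example's own, and the sfc step assumes an elevated prompt.

```batch
@echo off
rem Added example, not from the thread: verify the restored shell binary.
setlocal

rem SRC is the component-store path posted in the thread; DST is the live file.
set "SRC=C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe"
set "DST=%WINDIR%\explorer.exe"

if not exist "%SRC%" (
    echo [!] Source not found: %SRC%
    exit /b 2
)
if not exist "%DST%" (
    echo [!] Restored file missing: %DST%
    exit /b 2
)

rem fc /b compares the two files byte for byte.
rem errorlevel 0 = identical, 1 or higher = different or unreadable.
fc /b "%SRC%" "%DST%" >nul
if errorlevel 1 (
    echo [!] %DST% differs from the component-store copy.
    exit /b 1
)
echo [+] %DST% is byte-identical to the component-store copy.

rem Windows Resource Protection check of the same file (elevated prompt needed).
sfc /verifyfile=%DST%

endlocal
```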
xNewlifebobbax - Posts: 79 - Registered: Sunday 5 June 2011 - Status: Member - Last activity: 2 January 2013
20 Jul 2012 at 14:10
Do I erase everything in Notepad and paste that?
0
Anonymous user
20 Jul 2012 at 14:12
the first sentence was not meant to be included ^^

you need to type that in the black window
0
xNewlifebobbax - Posts: 79 - Registered: Sunday 5 June 2011 - Status: Member - Last activity: 2 January 2013
20 Jul 2012 at 14:12
Ah, in cmd, OK ;)
0
xNewlifebobbax - Posts: 79 - Registered: Sunday 5 June 2011 - Status: Member - Last activity: 2 January 2013
20 Jul 2012 at 14:13
It says "1 fichier copié" (1 file copied)
0
Anonymous user
20 Jul 2012 at 14:14
type

explorer.exe
0
xNewlifebobbax - Posts: 79 - Registered: Sunday 5 June 2011 - Status: Member - Last activity: 2 January 2013
20 Jul 2012 at 14:17
It opened! Thank you!!! But as I always say, don't celebrate too soon, my good man. What next? (if there is a next step)
0
Anonymous user
20 Jul 2012 at 14:18
delete the pre_scan you downloaded (I've released 6 updates since ^^)
download it again, then run it again
0
xNewlifebobbax - Posts: 79 - Registered: Sunday 5 June 2011 - Status: Member - Last activity: 2 January 2013
20 Jul 2012 at 14:49
6 updates? (good work, seriously, your software (and you too) are great :) )


¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | 2.720 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤

~ Mis à jour le 20/07/2012 | 09.30 par g3n-h@ckm@n
~ Informations Evolution : https://gen-hackman.kanak.fr/
~ Informations sur les switchs Pre_Script : https://gen-hackman.kanak.fr/
~ Feedback Pre_scan : https://gen-hackman.kanak.fr/#505
~ Merci à C_XX , Slyk & Saachaa pour leur apport à l'évolution de l'outil

~ Utilisateur : Chris (Administrateurs) | SID = S-1-5-21-189212149-3443194759-3464892-1000
~ Ordinateur : PC-DE-CHRIS

~ Système d'exploitation : Windows Vista (TM) Home Premium (32 bits) HomePremium Service Pack 2
~ Enregistré sous : Chris
~ Processeur : Intel(R) Core(TM)2 Solo CPU U3500 @ 1.40GHz
~ Identification : x86 Family 6 Model 23 Stepping 10

Pare-feu windows : Actif
Windows Defender : Actif

~ Mémoire RAM = Total (KB) : 3073070 | Used (%) : 50 | Free (KB) : 1513140
~ Pagefile = Total (KB) : 6360180 | Free (KB) : 4922410
~ Virtuelle = Total (KB) : 2097020 | Free (KB) : 1923350

¤¤¤¤¤¤¤¤¤¤ | Scripts de boot


¤¤¤¤¤¤¤¤¤¤ | Drives

c:\ -> [Fixed] | [ACER] | Total : 228470 Mo | Free : 109600 Mo -> NTFS

Scan : 14:23:00 | 20/07/2012

¤¤¤¤¤¤¤¤¤¤ | Navigateurs

Internet Explorer : 9.0.8112.16421
Mozilla Firefox : 11.0 (fr)
Google Chrome : 17.0.963.56

¤ Par défaut :

[HKCR\http | command] : "C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe" -- "%1"

¤¤¤¤¤¤¤¤¤¤ | Frameworks

~ [02/11/2006 13:18:35] - C:\Windows\Microsoft.net\Framework\v1.0.3705
~ [02/11/2006 13:18:35] - C:\Windows\Microsoft.net\Framework\v1.1.4322
~ [02/11/2006 13:18:35] - C:\Windows\Microsoft.net\Framework\v1.0.3705
~ [02/11/2006 13:18:35] - C:\Windows\Microsoft.net\Framework\v1.1.4322
~ [02/11/2006 13:18:35] - C:\Windows\Microsoft.net\Framework\v2.0.50727
~ [02/11/2006 14:37:35] - C:\Windows\Microsoft.net\Framework\v3.0
~ [24/02/2012 23:42:00] - C:\Windows\Microsoft.net\Framework\v3.5
~ [25/02/2012 12:43:03] - C:\Windows\Microsoft.net\Framework\v4.0.30319

¤¤¤¤¤¤¤¤¤¤ | Windows Updates

Last(s) détection(s) : 2012-07-19 14:34:05
Last(s) download(s) : 2012-07-17 11:35:37
Last(s) installation(s) : 2012-07-17 11:39:15
Next search : 2012-07-20 12:20:59


¤¤¤¤¤¤¤¤¤¤ | Sessions | Profiles | Directories

~ [HKLM | ProfileList\S-1-5-21-189212149-3443194759-3464892-1000]|[ProfileImagePath] : C:\Users\Chris
~ [HKLM | ProfileList\S-1-5-21-189212149-3443194759-3464892-1000]|[RefCount] : 1
~ [HKLM | ProfileList\S-1-5-21-189212149-3443194759-3464892-1000]|[State] : 256
~ [HKLM | ProfileList\S-1-5-21-189212149-3443194759-3464892-1001]|[ProfileImagePath] : C:\Users\MAXENCE-PC
~ [HKLM | ProfileList\S-1-5-21-189212149-3443194759-3464892-1001]|[RefCount] : 0
~ [HKLM | ProfileList\S-1-5-21-189212149-3443194759-3464892-1001]|[State] : 516

~ C:\Windows\system32\config\systemprofile
~ C:\Windows\ServiceProfiles\LocalService
~ C:\Windows\ServiceProfiles\NetworkService
~ C:\Users\Chris
~ C:\Users\MAXENCE-PC

New restorepoint created


¤¤¤¤¤¤¤¤¤¤ | MD5 Control


14:24:06

¤¤¤¤¤¤¤¤¤¤ | Processus

SLsvc.exe (1256) -> Processus stoppé
wlanext.exe (1724) -> Processus stoppé
spoolsv.exe (1776) -> Processus stoppé
taskeng.exe (1808) -> Processus stoppé
taskeng.exe (240) -> Processus stoppé
dsiwmis.exe (1116) -> Processus stoppé
ePowerSvc.exe (1320) -> Processus stoppé
FreeAgentService.exe (1024) -> Processus stoppé
FsUsbExService.Exe (1092) -> Processus stoppé
hamachi-2.exe (2072) -> Processus stoppé
IScheduleSvc.exe (2120) -> Processus stoppé
SchedulerSvc.exe (2168) -> Processus stoppé
ODDPWRSvc.exe (2208) -> Processus stoppé
RegSrvc.exe (2260) -> Processus stoppé
RS_Service.exe (2320) -> Processus stoppé
SearchIndexer.exe (2528) -> Processus stoppé
EvtEng.exe (2568) -> Processus stoppé
IAANTmon.exe (2620) -> Processus stoppé
igfxsrvc.exe (3372) -> Processus stoppé
wmpnetwk.exe (3736) -> Processus stoppé
conime.exe (2580) -> Processus stoppé
explorer.exe (3964) -> Processus stoppé
USBTip.exe (1952) -> Processus stoppé
LManager.exe (1096) -> Processus stoppé
BackupManagerTray.exe (784) -> Processus stoppé
jusched.exe (3216) -> Processus stoppé
hkcmd.exe (3192) -> Processus stoppé
AcerVCM.exe (2368) -> Processus stoppé
igfxext.exe (1636) -> Processus stoppé
AAM Updates Notifier.exe (2184) -> Processus stoppé
ePowerTray.exe (1644) -> Processus stoppé
igfxext.exe (2196) -> Processus stoppé
igfxsrvc.exe (3224) -> Processus stoppé
ePowerEvent.exe (3944) -> Processus stoppé
taskeng.exe (2036) -> Processus stoppé
TrustedInstaller.exe (3016) -> Processus stoppé

¤¤¤¤¤¤¤¤¤¤ | Running processes

Demarrage : Normal

484 | C:\Windows\System32\smss.exe - SYSTEM - Normal - \SystemRoot\System32\smss.exe - 4
552 | C:\Windows\system32\csrss.exe - SYSTEM - Normal - C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 - 540
600 | C:\Windows\system32\wininit.exe - SYSTEM - High - wininit.exe - 540
608 | C:\Windows\system32\csrss.exe - SYSTEM - Normal - C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 - 592
660 | C:\Windows\system32\winlogon.exe - SYSTEM - High - winlogon.exe - 592
676 | C:\Windows\system32\services.exe - SYSTEM - Normal - C:\Windows\system32\services.exe - 600
692 | C:\Windows\system32\lsass.exe - SYSTEM - Normal - C:\Windows\system32\lsass.exe - 600
700 | C:\Windows\system32\lsm.exe - SYSTEM - Normal - C:\Windows\system32\lsm.exe - 600
868 | C:\Windows\system32\svchost.exe - SYSTEM - Normal - C:\Windows\system32\svchost.exe -k DcomLaunch - 676
940 | C:\Windows\system32\svchost.exe - SERVICE RÉSEAU - Normal - C:\Windows\system32\svchost.exe -k rpcss - 676
972 | C:\Windows\System32\svchost.exe - SYSTEM - Normal - C:\Windows\System32\svchost.exe -k secsvcs - 676
1084 | C:\Windows\System32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted - 676
1128 | C:\Windows\System32\svchost.exe - SYSTEM - Normal - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted - 676
1152 | C:\Windows\system32\svchost.exe - SYSTEM - Normal - C:\Windows\system32\svchost.exe -k netsvcs - 676
1236 | C:\Windows\system32\svchost.exe - SYSTEM - Normal - C:\Windows\system32\svchost.exe -k GPSvcGroup - 676
1288 | C:\Windows\system32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\system32\svchost.exe -k LocalService - 676
1488 | C:\Windows\system32\svchost.exe - SERVICE RÉSEAU - Normal - C:\Windows\system32\svchost.exe -k NetworkService - 676
1660 | C:\Windows\system32\Dwm.exe - Chris - High - "C:\Windows\system32\Dwm.exe" - 1128
1836 | C:\Program Files\Avira\AntiVir Desktop\sched.exe - SYSTEM - Normal - "C:\Program Files\Avira\AntiVir Desktop\sched.exe" - 676
1940 | C:\Windows\system32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork - 676
860 | C:\Program Files\Avira\AntiVir Desktop\avguard.exe - SYSTEM - Normal - "C:\Program Files\Avira\AntiVir Desktop\avguard.exe" - 676
2232 | C:\Windows\system32\svchost.exe - SERVICE RÉSEAU - Normal - C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted - 676
2388 | C:\Windows\system32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\system32\svchost.exe -k imgsvc - 676
2428 | C:\Windows\System32\svchost.exe - SYSTEM - Normal - C:\Windows\System32\svchost.exe -k WerSvcGroup - 676
3004 | C:\Windows\system32\wbem\unsecapp.exe - SYSTEM - Normal - C:\Windows\system32\wbem\unsecapp.exe -Embedding - 868
3168 | C:\Windows\system32\wbem\wmiprvse.exe - SYSTEM - Normal - C:\Windows\system32\wbem\wmiprvse.exe - 868
3600 | C:\Program Files\Avira\AntiVir Desktop\avshadow.exe - SYSTEM - Normal - "C:\Program Files\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_0000035c - 860
2356 | C:\Windows\system32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation - 676
2964 | C:\Windows\system32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\system32\svchost.exe -k WindowsMobile - 676
2864 | C:\Program Files\Avira\AntiVir Desktop\avgnt.exe - Chris - Below Normal - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min - 3964
1828 | C:\Windows\system32\wbem\unsecapp.exe - Chris - Normal - C:\Windows\system32\wbem\unsecapp.exe -Embedding - 868
3740 | C:\Windows\system32\wbem\wmiprvse.exe - SERVICE RÉSEAU - Normal - C:\Windows\system32\wbem\wmiprvse.exe - 868
4372 | C:\Users\Chris\Videos\Downloads\winlogon0.exe - Chris - High - "C:\Users\Chris\Videos\Downloads\winlogon0.exe" - 3764
4644 | C:\Program Files\Windows Media Player\wmpnetwk.exe - SERVICE RÉSEAU - Normal - "C:\Program Files\Windows Media Player\wmpnetwk.exe" - 676
4664 | C:\Windows\system32\SearchIndexer.exe - SYSTEM - Normal - C:\Windows\system32\SearchIndexer.exe /Embedding - 676
5216 | C:\Windows\System32\spoolsv.exe - SYSTEM - Normal - C:\Windows\System32\spoolsv.exe - 676
5260 | C:\Windows\system32\taskeng.exe - Chris - Normal - taskeng.exe {BCCD4DFF-620D-4E3B-A434-6B4DC958A68F} - 1152
5320 | C:\Windows\system32\taskeng.exe - SYSTEM - Below Normal - taskeng.exe {1B557500-7BE3-485A-91D7-19700FDAD9A5} - 1152
5844 | C:\Windows\servicing\TrustedInstaller.exe - SYSTEM - Normal - C:\Windows\servicing\TrustedInstaller.exe - 676
4064 | C:\Windows\system32\conime.exe - Chris - Normal - C:\Windows\system32\conime.exe - 3336
4412 | C:\Windows\system32\conime.exe - Chris - Normal - C:\Windows\system32\conime.exe - 1012
1668 | C:\Windows\system32\cmd.exe - Chris - Normal - C:\Windows\system32\cmd.exe /c %Homedrive%\Pre_Scan\Pv.exe -o"%i | %f - %u - %p - %l - %r">>%Homedrive%\Pre_Scan.txt - 4372
3124 | C:\Pre_Scan\Pv.exe - Chris - Normal - C:\Pre_Scan\Pv.exe -o"%i | %f - %u - %p - %l - %r" - 1668
4356 | C:\Windows\system32\conime.exe - Chris - Normal - C:\Windows\system32\conime.exe - 1668

¤¤¤¤¤¤¤¤¤¤ | Winlogon


¤

[HKLM | Winlogon]|[Shell] : explorer.exe
[HKLM | Winlogon]|[AutoRestartShell] : 1 -> 0
[HKLM | Winlogon]|[userinit] : C:\Windows\system32\userinit.exe,
[HKLM | Winlogon]|[PowerDownAfterShutdown] : 1
[HKLM | Winlogon]|[System] :

¤¤¤¤¤¤¤¤¤¤ | Associations

[.exe] : exefile
[exefile | command] : "%1" %*
[.com] : comfile
[comfile | command] : "%1" %*
[.reg] : regfile
[regfile | command] : regedit.exe "%1"
[.scr] : scrfile
[scrfile | command] : "%1" /S
[.bat] : batfile
[batfile | command] : "%1" %*
[.cmd] : cmdfile
[cmdfile | command] : "%1" %*
[.pif] : piffile
[piffile | command] : "%1" %*
[.url] : InternetShortcut
[InternetShortcut | command] : "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l
[Application.Manifest | command] : rundll32.exe dfshim.dll,ShOpenVerbApplication %1
[Application.Reference | command] : rundll32.exe dfshim.dll,ShOpenVerbShortcut %1|%2
[Folder | command] : C:\Windows\explorer.exe

¤

[Firefox | Command] | @ : "C:\Program Files\Mozilla Firefox\Firefox.exe"
[Firefox - Safemode | Command] | @ : "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode
[IE | Command] | @ : "C:\Program Files\Internet Explorer\iexplore.exe"
[Applications | IE | Command] | @ : "C:\Program Files\Internet Explorer\iexplore.exe" %1
[Chrome | Command] | @ : "C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe"
[Assoc | Applications] | @ : http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s

¤¤¤¤¤¤¤¤¤¤ | Corrections diverses

[HKLM | HideDesktopIcons\ClassicStartMenu]|[{9343812e-1c37-4a49-a12e-4b2d810d956b}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{20D04FE0-3AEA-1069-A2D8-08002B30309D}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{208D2C60-3AEA-1069-A2D7-08002B30309D}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{871C5380-42A0-1069-A2EA-08002B30309D}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{59031a47-3f72-44a7-89c5-5595fe6b30ee}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{9343812e-1c37-4a49-a12e-4b2d810d956b}] : 0
[HKLM | Advanced\Folder\Hidden\SHOWALL]|[CheckedValue] : 1
[HKU\S-1-5-21-189212149-3443194759-3464892-1000 | Explorer\Advanced]|[Start_ShowMyMusic] : 1
[HKU\S-1-5-21-189212149-3443194759-3464892-1000 | Explorer\Advanced]|[Start_ShowMyPics] : 1
[HKU\S-1-5-21-189212149-3443194759-3464892-1000 | Explorer\Advanced]|[Start_ShowUser] : 1
[HKU\S-1-5-21-189212149-3443194759-3464892-1000 | Explorer\Advanced]|[Start_ShowMyDocs] : 1
[HKU\S-1-5-21-189212149-3443194759-3464892-1000 | Explorer\Advanced]|[Start_ShowHelp] : 1
[HKU\S-1-5-21-189212149-3443194759-3464892-1000 | Explorer\Advanced]|[Start_EnableDragDrop] : 1
[HKU\S-1-5-21-189212149-3443194759-3464892-1000 | Explorer\Advanced]|[Start_ShowMyComputer] : 1
[HKU\S-1-5-21-189212149-3443194759-3464892-1000 | Explorer\Advanced]|[Start_ShowControlPanel] : 1
[HKU\S-1-5-19 | Desktop]|[Wallpaper] : C:\windows\Web\Wallpaper\img24.jpg
[HKU\S-1-5-20 | Desktop]|[Wallpaper] : C:\windows\Web\Wallpaper\img24.jpg
[HKU\S-1-5-21-189212149-3443194759-3464892-1000 | Desktop]|[Wallpaper] : C:\Users\Chris\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
[HKU\S-1-5-19 | Policies\Explorer]|[NoDesktop] : 0
[HKU\S-1-5-20 | Policies\Explorer]|[NoDesktop] : 0
[HKU\S-1-5-21-189212149-3443194759-3464892-1000 | Policies\Explorer]|[NoDesktop] : 0
[HKU\S-1-5-21-189212149-3443194759-3464892-1000_Classes | Policies\Explorer]|[NoDesktop] : 0
[HKU\S-1-5-18 | Policies\Explorer]|[NoDesktop] : 0
[HKLM | CurrentVersion\Explorer]|[AlwaysUnloadDll] : 1
[HKLM | policies\Explorer]|[NoDesktop] : 0
[HKU\S-1-5-19 | Explorer\Advanced]|[Hidden] : 0
[HKU\S-1-5-20 | Explorer\Advanced]|[Hidden] : 0
[HKU\S-1-5-21-189212149-3443194759-3464892-1000 | Explorer\Advanced]|[Hidden] : 0
[HKU\S-1-5-21-189212149-3443194759-3464892-1000_Classes | Explorer\Advanced]|[Hidden] : 0
[HKU\S-1-5-18 | Explorer\Advanced]|[Hidden] : 0
[HKLM | Control\SafeBoot]|[AlternateShell] : cmd.exe

14:24:07

¤¤¤¤¤¤¤¤¤¤ | Services Corrections

[RPCSS] : 2 : Actif
[Cmbatt] : 3 : Actif
[Compbatt] : 0 : Actif
[Ndisuio] : 3 : Actif
[Profsvc] : 2 : Actif
[PlugPlay] : 2 : Actif
[PEAUTH] : 2 : Actif
[Parvdm] : 2 : Inactif
[nsi] : 2 : Actif
[NLASvc] : 2 : Actif
[MPSsvc] : 2 : Actif
[MMCSS] : 2 : Actif
[luafv] : 2 : Actif
[lltdio] : 2 : Actif
[Iphlpsvc] : 2 : Actif
[IKEEXT] : 2 : Actif
[gpsvc] | Start : 2 : Actif
[lmhosts] : 2 : Actif
[LanmanWorkstation] : 2 : Actif
[LanmanServer] : 2 : Actif
[agp440] | Start : 2 : Inactif
[AudioEndpointBuilder] : 2 : Actif
[Audiosrv] : 2 : Actif
[BFE] : 2 : Actif
[Bits] : 2 : Actif
[CryptSvc] : 2 : Actif
[EapHost] : 2 : Actif
[Wlansvc] : 2 : Actif
[SppSvc] : 2 : Inactif
[SharedAccess] : 2 : Inactif
[windefend] : 2 : Actif
[wuauserv] : 2 : Actif
[WerSvc] : 2 : Actif
[wscsvc] : 2 : Actif

14:24:07

¤¤¤¤¤¤¤¤¤¤ | Internet Explorer

[HKU\S-1-5-21-189212149-3443194759-3464892-1000 | Main]|[Start Page] : https://www.google.com/?gws_rd=ssl
[HKU\S-1-5-21-189212149-3443194759-3464892-1000 | Main]|[Local Page] : C:\Windows\system32\blank.htm
[HKU\S-1-5-21-189212149-3443194759-3464892-1000 | Main]|[Search Page] : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

[HKLM | Search]|[SearchAssistant] : http://www.google.com/toolbar/ie8/sidebar.html
[HKLM | Main]|[Start Page] : https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main]|[Local Page] : C:\Windows\System32\blank.htm
[HKLM | Main]|[Default_Search_URL] : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
[HKLM | Main]|[Default_Page_URL] : https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main]|[Search Page] : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
[HKLM | AboutURLs]|[Tabs] : res://ieframe.dll/tabswelcome.htm

¤

[HKU\S-1-5-19 | Internet settings]|[EnableHttp1_1] : 1
[HKU\S-1-5-20 | Internet settings]|[EnableHttp1_1] : 1
[HKU\S-1-5-21-189212149-3443194759-3464892-1000 | Internet settings]|[EnableHttp1_1] : 1
[HKU\S-1-5-21-189212149-3443194759-3464892-1000 | Internet settings]|[MigrateProxy] : 1
[HKU\S-1-5-19 | Internet settings]|[AutoConfigProxy] : wininet.dll
[HKU\S-1-5-20 | Internet settings]|[AutoConfigProxy] : wininet.dll
[HKU\S-1-5-21-189212149-3443194759-3464892-1000 | Internet settings]|[AutoConfigProxy] : wininet.dll
[HKU\S-1-5-18 | Internet settings]|[AutoConfigProxy] : wininet.dll

¤

[HKU\S-1-5-21-189212149-3443194759-3464892-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] | (Bing) -> https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src=IE-SearchBox&FORM=IE8SRC
[HKU\S-1-5-21-189212149-3443194759-3464892-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}] | () ->
[HKU\S-1-5-21-189212149-3443194759-3464892-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7F76D47F-9B89-4560-919A-05530CB23F23}] | (XfireXO Customized Web Search) -> http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2304157
[HKU\S-1-5-21-189212149-3443194759-3464892-1000\Software\Microsoft\Internet Explorer\SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06}] | (Glary Search) -> http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
[HKU\S-1-5-21-189212149-3443194759-3464892-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D5DE7C49-BFC2-4F35-9508-31E4F5B515B6}] | (Google) -> https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_fr

[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] | (@ieframe.dll,-12512) -> https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}] | (Google) -> https://www.google.com/webhp?sourceid=ie7&gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06}] | (Glary Search) -> http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch

[HKU\S-1-5-21-189212149-3443194759-3464892-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA}] | () ->
[HKU\S-1-5-21-189212149-3443194759-3464892-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AEFE841-DCA1-4A95-80CB-BE935D017600}] | () ->

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{000209FF-0000-0000-C000-000000000046}] | (winword.exe) -> C:\Program Files\Microsoft Office\Office12
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0002df01-0000-0000-c000-000000000046}] | (iexplore.exe) -> %ProgramFiles%\Internet Explorer
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{003B91A6-61E3-4591-891D-01E94C8CB11E}] | (Silverlight.Configuration.exe) -> c:\Program Files\Microsoft Silverlight\5.1.10411.0\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] | (tabtip.exe) -> %CommonProgramFiles%\Microsoft Shared\Ink
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] | (wpcer.exe) -> C:\Windows\system32
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08E8D305-8D6D-49fe-8603-03A926E46AE0}] | (Adobe_Updater.exe) -> C:\Program Files\Common Files\Adobe\Updater6
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08f24d68-9087-4b24-81ad-7b34af3e3ed5}] | (Acrobat Elements.exe) -> %ProgramFiles%\adobe\acrobat 6.0\Acrobat Elements
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695}] | (winfxdocobj.exe) -> C:\Windows\system32
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA}] | (FacebookVideoCalling.exe) -> C:\Users\Chris\AppData\Local\Facebook\Video\Skype\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10483e7e-0e8b-4e16-9e77-6be5d991683b}] | (mstsc.exe) -> %systemroot%\system32
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] | (wuapp.exe) -> C:\Windows\system32
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{130c40f0-1bcb-4852-8b63-291cf90a600b}] | (msdt.exe) -> C:\Windows\system32
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15B3FB63-66F4-4EFC-B717-BB283B85E79B}] | (AcroBroker.exe) -> C:\Program Files\Adobe\Reader 9.0\Reader\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] | (dfsvc.exe) -> C:\Windows\microsoft.net\framework\v2.0.50727
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ec76a37-1762-46ff-9b14-765b3e6793be}] | (agcp.exe) -> c:\Program Files\Microsoft Silverlight\5.1.10411.0\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] | () ->
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] | (ieinstal.exe) -> %ProgramFiles%\Internet Explorer
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28A36D69-07EA-44CE-B298-1A8B3E8B6FE1}] | (Skype.exe) -> C:\Program Files\Skype\Phone\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BBE903C-2776-4574-9855-EC1597ABE3D6}] | (EXCEL.EXE) -> C:\Program Files\Microsoft Office\Office12
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{358E6F10-DE8A-4602-8424-179CA217F8EE}] | (AcroRd32Info.exe) -> C:\Program Files\Adobe\Reader 9.0\Reader
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39A895E9-93DD-4ffa-A4A3-2C14608B5B61}] | (SwHelper_1164634.exe) -> C:\Windows\system32\Adobe\Shockwave 11
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B9A6E32-36C9-4946-B78C-3F58E3785EC1}] | (unpack200.exe) -> C:\Program Files\Java\jre6\bin
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43ABBB95-C0E9-497B-8BB9-B5FA08861705}] | (wlmail.exe) -> C:\Program Files\Windows Live\Mail\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}] | (jp2launcher.exe) -> C:\Program Files\Java\jre6\bin
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49CF0734-BF9A-4444-BC9F-C26E56AF042F}] | (SonarHost.exe) -> C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4becf16c-74f0-429b-8d3e-4fba507ac661}] | (acrord32.exe) -> %ProgramFiles%\adobe\acrobat 7.0\reader
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4C0B7A7C-8ECF-422f-9448-0874C41D4532}] | (WLLoginProxy.exe) -> %ProgramFiles%\Common Files\Microsoft Shared\Windows Live
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}] | (javaws.exe) -> C:\Program Files\Java\jre6\bin
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58F04068-17A5-41a3-B5B7-111004DDF5DC}] | (realplay.exe) -> c:\program files\real\realplayer\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A2777DF-310A-49ca-A9E8-6C9D608D257E}] | (realupgrade.exe) -> C:\Program Files\Real\RealUpgrade\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5FBAF6E6-C64B-49DB-AB1B-F93C607EBC71}] | (onenote.exe) -> C:\Program Files\Microsoft Office\Office12
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68934FDE-CDB1-42CC-A38B-A44B43B0785C}] | (SWDNLD.EXE) -> C:\Windows\system32\Adobe\Director
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] | (wmplayer.exe) -> %ProgramFiles%\Windows Media Player
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] | (iedw.exe) -> %ProgramFiles%\Internet Explorer
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] | () ->
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AEFE841-DCA1-4A95-80CB-BE935D017600}] | (esnlauncher3.exe) -> C:\Program Files\Battlelog Web Plugins
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B7FB824-0A43-4bc2-B58D-F6386FEEFD84}] | (CGuard.exe) -> Choice Guard
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] | (verclsid.exe) -> C:\Windows\system32
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] | (ctfmon.exe) -> C:\Windows\system32
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88B89B96-F7B2-469D-8F22-5F3BE33DEDDE}] | (SkypeIEPluginBroker.exe) -> C:\Program Files\Skype\Toolbars\Internet Explorer\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] | (helppane.exe) -> C:\Windows
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E1F80F4-953F-41E7-8460-E64AE5BE4ED3}] | (AdobeCollabSync.exe) -> C:\Program Files\Adobe\Reader 9.0\Reader
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95a4104c-1c49-4c2a-9830-1be0f47e926c}] | (acrobat.exe) -> %ProgramFiles%\adobe\acrobat 7.0\Acrobat
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C6A861C-B233-4994-AFB1-C158EE4FC578}] | (AcroRd32.exe) -> C:\Program Files\Adobe\Reader 9.0\Reader
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9da1d2cb-796d-4bec-bbaa-0aa9ccd80e15}] | (Acrobat Elements.exe) -> %ProgramFiles%\adobe\acrobat 7.0\Acrobat Elements
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] | (xpsviewer.exe) -> C:\Windows\system32\xpsviewer
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5B020FD-E04B-4e67-B65A-E7DEED25B2CF}] | (wisptis.exe) -> %SystemRoot%\System32
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C}] | (OberonBroker.exe) -> C:\Program Files\Common Files\Oberon Media\OberonBroker\1.0.0.63
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] | (cmd.exe) -> C:\Windows\system32
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] | (dfsvc.exe) -> c:\Windows\Microsoft.NET\Framework\v4.0.30319\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] | (dfsvc.exe) ->
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}] | (ssvagent.exe) -> C:\Program Files\Java\jre6\bin
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D133B285-8A43-4EC7-93BE-9B909C2370F5}] | (msnmsgr.exe) -> C:\Program Files\Windows Live\Messenger\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d8a5d001-3352-40db-9d1c-ed46683193b5}] | (WindowsLiveWriter.exe) -> C:\Program Files\Windows Live\Writer\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] | (notepad.exe) -> C:\Windows\System32
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E56200D6-445E-45ce-89D8-E0EF39ECF849}] | (RecordingManager.exe) -> c:\program files\real\realplayer\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5f90a07-7db7-4dcb-bd6d-d3fecd376ca3}] | (acrord32.exe) -> %ProgramFiles%\adobe\acrobat 6.0\reader
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] | (presentationhost.exe) -> C:\Windows\system32
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] | (FlashUtil32_11_2_202_235_ActiveX.exe) -> C:\Windows\system32\Macromed\Flash
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb9e068b-c612-4fa8-bdb9-d728a716a420}] | (acrobat.exe) -> %ProgramFiles%\adobe\acrobat 6.0\Acrobat
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC88B53C-9B2A-1A25-5867-C8612E79DBF6}] | (POWERPNT.EXE) -> C:\Program Files\Microsoft Office\Office12

¤¤¤¤¤¤¤¤¤¤ | Firefox


Profile : e50aqun3.default

user_pref("browser.startup.homepage_override.buildID", "20120312181643");
user_pref("browser.startup.homepage_override.mstone", "rv:11.0");
user_pref("browser.download.lastDir", "C:\\Users\\Chris\\Desktop");

¤¤¤¤¤¤¤¤¤¤ | Extensions

C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\e50aqun3.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}

C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}


¤¤¤¤¤¤¤¤¤¤ | Plugins

C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
C:\Program Files\Mozilla Firefox\searchplugins\glarysearch.xml
C:\Program Files\Mozilla Firefox\searchplugins\google.xml
C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml



¤¤¤¤¤¤¤¤¤¤ | DNS

[HKLM\SYSTEM\CCS | Tcpip\Parameters]|[DhcpNameServer] : 192.168.1.1
[HKLM\SYSTEM\ControlSet001 | Interfaces\{3186BEE7-A6D3-4753-85BD-82FAC321A057}]|[DhcpNameServer] : 192.168.1.1
[HKLM\SYSTEM\ControlSet001 | Interfaces\{3186BEE7-A6D3-4753-85BD-82FAC321A057}]|[NameServer] : 8.8.8.8,8.8.4.4
[HKLM\SYSTEM\ControlSet002 | Interfaces\{3186BEE7-A6D3-4753-85BD-82FAC321A057}]|[DhcpNameServer] : 192.168.1.1
[HKLM\SYSTEM\ControlSet002 | Interfaces\{3186BEE7-A6D3-4753-85BD-82FAC321A057}]|[NameServer] : 8.8.8.8,8.8.4.4
[HKLM\SYSTEM\CurrentControlSet | Interfaces\{3186BEE7-A6D3-4753-85BD-82FAC321A057}]|[DhcpNameServer] : 192.168.1.1
[HKLM\SYSTEM\CurrentControlSet | Interfaces\{3186BEE7-A6D3-4753-85BD-82FAC321A057}]|[NameServer] : 8.8.8.8,8.8.4.4

¤¤¤¤¤¤¤¤¤¤ | Hosts

Impossible to Clean : "hosts" !!

¤¤¤¤¤¤¤¤¤¤ | Files | Folders | Registry



14:34:24

Deleted : C:\Users\Chris\AppData\Local\Temp\sefD181.tmp
Impossible to move : C:\Users\Chris\AppData\Local\Temp\~DF9F4E.tmp
Quarantined and deleted sucessfully : |D| - C:\Users\Chris\AppData\LocalLow\Sun\Java\Deployment\cache\6.0
Quarantined and deleted successfully : C:\Windows\Prefetch\ATBROKER.EXE-2E15A492.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\AVWSC.EXE-4630B658.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\BOOST.EXE-D790318F.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\CACLS.EXE-D332D70E.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\CHROME.EXE-8EECEDB1.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\CLEANMGR.EXE-E3C5E89D.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\CMD.EXE-4A81B364.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\CONIME.EXE-9781FD5F.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\CSRSS.EXE-3FE41F7E.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\DLLHOST.EXE-B2EB1806.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\DPINST32.EXE-8EC7807B.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\DRVINST.EXE-4CB4314A.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\DWM.EXE-6FFD3DA8.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\EPOWEREVENT.EXE-C0CC1297.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\EPOWERTRAY.EXE-BEC50FFD.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\EVTENG.EXE-7482F9DF.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\FACEBOOKVIDEOCALLING.EXE-2D440218.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\GAMEBOOSTER.EXE-2AC7FB5C.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\ICONVRTR.EXE-32BDDB5D.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\IGFXEXT.EXE-D5F523DB.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\IGFXSRVC.EXE-96A493A4.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\IPRODIFX.EXE-BB44C581.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\IWRAP.EXE-20582B89.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\JAVAW.EXE-91B81925.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\JAVAWS.EXE-5FA6EB7C.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\MAXBACKSERVICEINT.EXE-5CC0894E.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\MBRWIZ.EXE-1931CEC1.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\MOFCOMP.EXE-8FE3D558.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\MSIEXEC.EXE-A2D55CB6.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\NOTEPAD.EXE-D8414F97.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\NOTIFICATION.EXE-7B26E9C4.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\PERFMON.EXE-E34F662B.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\PV.EXE-50E57268.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\REGSRVC.EXE-E4A04EBD.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\REGSVR32.EXE-8461DBEE.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\RUNDLL32.EXE-5912CB34.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\RUNDLL32.EXE-5CD64811.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\RUNDLL32.EXE-6E88E69C.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\RUNDLL32.EXE-70CDA826.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\RUNDLL32.EXE-A970DA54.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\SEARCHINDEXER.EXE-4A6353B9.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\SETINTELDPST.EXE-311EFEEA.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\SFC.EXE-8103D384.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\SLSVC.EXE-53F2276F.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\SMSS.EXE-E9C28FC6.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\SPOOLSV.EXE-D1F6B8B6.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\STXMENUMGR.EXE-DE33D184.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\SVCHOST.EXE-007FEA55.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\SVCHOST.EXE-3AB35CA7.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\SVCHOST.EXE-61AE5AB6.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\SVCHOST.EXE-80F4A784.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\SVCHOST.EXE-DD6406E8.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\SWREG.EXE-E95C4E92.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\TASKMGR.EXE-5F5F473D.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\UNSECAPP.EXE-A02905A6.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\UPDATECHECK.EXE-9E018182.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\WERCON.EXE-E36BD04E.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\WEVTUTIL.EXE-EF5861C4.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\WINLOGON.EXE-B020DC41.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\WINLOGON0.EXE-CDFB79F0.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\WLANEXT.EXE-D2CEDC57.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\WMPNETWK.EXE-D9F2A96F.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\WSQMCONS.EXE-118B52B7.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\WUAUCLT.EXE-70318591.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf
Quarantined and deleted successfully : C:\Windows\Prefetch\SWXCACLS.COM-11AFEB4B.pf

14:37:56

¤¤¤¤¤¤¤¤¤¤ | SafeBoot | Control | Repair

[HKLM | Safeboot] -> OK
[HKLM | Safeboot\Minimal] -> OK
[HKLM | Safeboot\Network] -> OK

¤

[HKLM | Minimal\AppMgmt] : Service -> OK
[HKLM | Minimal\Base] : Driver Group -> OK
[HKLM | Minimal\Boot Bus Extender] : Driver Group -> OK
[HKLM | Minimal\Boot file system] : Driver Group -> OK
[HKLM | Minimal\CryptSvc] : Service -> OK
[HKLM | Minimal\DcomLaunch] : Service -> OK
[HKLM | Minimal\dmadmin] : Service -> OK
[HKLM | Minimal\dmboot.sys] : Driver -> OK
[HKLM | Minimal\dmio.sys] : Driver -> OK
[HKLM | Minimal\dmload.sys] : Driver -> OK
[HKLM | Minimal\dmserver] : Service -> OK
[HKLM | Minimal\EventLog]: Service -> OK
[HKLM | Minimal\File system] : Driver Group -> OK
[HKLM | Minimal\Filter] : Driver Group -> OK
[HKLM | Minimal\HelpSvc] : Service -> OK
[HKLM | Minimal\Netlogon] : Service -> OK
[HKLM | Minimal\PCI Configuration] : Driver Group -> OK
[HKLM | Minimal\PlugPlay] : Service -> OK
[HKLM | Minimal\PNP Filter] : Driver Group -> OK
[HKLM | Minimal\Primary disk] : Driver Group -> OK
[HKLM | Minimal\RpcSs] : Service -> OK
[HKLM | Minimal\SCSI Class] : Driver Group -> OK
[HKLM | Minimal\sermouse.sys] : Driver -> OK
[HKLM | Minimal\sr.sys] : FSFilter System Recovery -> OK
[HKLM | Minimal\SRService] : Service -> OK
[HKLM | Minimal\System Bus Extender] : Driver Group -> OK
[HKLM | Minimal\vds] : Service -> OK
[HKLM | Minimal\vga.sys] : Driver -> OK
[HKLM | Minimal\vgasave.sys] : Driver -> OK
[HKLM | Minimal\WinMgmt] : Service -> OK
[HKLM | Minimal\{36FC9E60-C465-11CF-8056-444553540000}] : Universal Serial Bus controllers -> OK
[HKLM | Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] : CD-ROM Drive -> OK
[HKLM | Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] : DiskDrive -> OK
[HKLM | Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] : Standard floppy disk controller -> OK
[HKLM | Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : Hdc -> OK
[HKLM | Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : Keyboard -> OK
[HKLM | Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : Mouse -> OK
[HKLM | Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] : PCMCIA Adapters -> OK
[HKLM | Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : SCSIAdapter -> OK
[HKLM | Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : System -> OK
[HKLM | Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] : Floppy disk drive -> OK
[HKLM | Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : Volume shadow copy -> OK
[HKLM | Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : Volume -> OK
[HKLM | Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : Human Interface Devices -> OK

¤

[HKLM | Network\AFD] : Service -> OK
[HKLM | Network\AppMgmt] : Service -> OK
[HKLM | Network\Base] : Driver Group -> OK
[HKLM | Network\Boot Bus Extender] : Driver Group -> OK
[HKLM | Network\Boot file system] : Driver Group -> OK
[HKLM | Network\Browser] : Service -> OK
[HKLM | Network\CryptSvc] : Service -> OK
[HKLM | Network\DcomLaunch] : Service -> OK
[HKLM | Network\Dhcp] : Service -> OK
[HKLM | Network\dmadmin] : Service -> OK
[HKLM | Network\dmboot.sys] : Driver -> OK
[HKLM | Network\dmio.sys] : Driver -> OK
[HKLM | Network\dmload.sys] : Driver -> OK
[HKLM | Network\dmserver] : Service -> OK
[HKLM | Network\DnsCache] : Service -> OK
[HKLM | Network\EventLog] : Service -> OK
[HKLM | Network\File system] : Driver Group -> OK
[HKLM | Network\Filter] : Driver Group -> OK
[HKLM | Network\HelpSvc] : Service -> OK
[HKLM | Network\ip6fw.sys] : Driver -> OK
[HKLM | Network\ipnat.sys] : Driver -> OK
[HKLM | Network\LanmanServer] : Service -> OK
[HKLM | Network\LanmanWorkstation] : Service -> OK
[HKLM | Network\LmHosts] : Service -> OK
[HKLM | Network\Messenger] : Service -> OK
[HKLM | Network\NDIS] : Driver Group -> OK
[HKLM | Network\NDIS Wrapper] : Driver Group -> OK
[HKLM | Network\Ndisuio] : Service -> OK
[HKLM | Network\NetBIOS] : Service -> OK
[HKLM | Network\NetBIOSGroup] : Driver Group -> OK
[HKLM | Network\NetBT] : Service -> OK
[HKLM | Network\NetDDEGroup] : Driver Group -> OK
[HKLM | Network\Netlogon] : Service -> OK
[HKLM | Network\NetMan] : Service -> OK
[HKLM | Network\Network] : Driver Group -> OK
[HKLM | Network\NetworkProvider] : Driver Group -> OK
[HKLM | Network\NtLmSsp] : Service -> OK
[HKLM | Network\PCI Configuration] : Driver Group -> OK
[HKLM | Network\PlugPlay] : Service -> OK
[HKLM | Network\PNP Filter] : Driver Group -> OK
[HKLM | Network\PNP_TDI] : Driver Group -> OK
[HKLM | Network\Primary disk] : Driver Group -> OK
[HKLM | Network\rdpcdd.sys] : Driver -> OK
[HKLM | Network\rdpdd.sys] : Driver -> OK
[HKLM | Network\rdpwd.sys] : Driver -> OK
[HKLM | Network\rdsessmgr] : Service -> OK

¤¤¤¤¤¤¤¤¤¤ | Heuristic | Suspect


¤¤¤¤¤¤¤¤¤¤ | IFEO



14:38:31

¤¤¤¤¤¤¤¤¤¤ | Run

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Windows Mobile-based device management] : %windir%\WindowsMobile\wmdSync.exe
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Windows Defender] : %ProgramFiles%\Windows Defender\MSASCui.exe -hide
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[USBToolTip] : C:\PROGRA~1\COMMON~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [20/02/2007 12:07:40]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[PLFSetI] : C:\Windows\PLFSetI.exe
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[LManager] : C:\Program Files\Launch Manager\LManager.exe [25/02/2012 03:03:26]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[BackupManagerTray] : "C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -k
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Acer ePower Management] : C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [24/02/2012 17:39:38]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[AdobeAAMUpdater-1.0] : "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[SunJavaUpdateSched] : "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[HotKeysCmds] : C:\Windows\system32\hkcmd.exe [25/02/2012 03:02:33]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[avgnt] : "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
[HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Sidebar] : %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
[HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[WindowsWelcomeCenter] : rundll32.exe oobefldr.dll,ShowWelcomeCenter
[HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Sidebar] : %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
[HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[WindowsWelcomeCenter] : rundll32.exe oobefldr.dll,ShowWelcomeCenter
[HKU\S-1-5-21-189212149-3443194759-3464892-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[ProductReg] : "C:\Program Files\A

Anonymous user
20 Jul 2012 at 14:53
lol, you need to host it as instructed, there's only 5% of it there.....

xNewlifebobbax
20 Jul 2012 at 15:04

xNewlifebobbax
20 Jul 2012 at 17:10
Waiting ... (just to know whether you're there or not)

xNewlifebobbax
20 Jul 2012 at 18:48
The cjoint lasts 4 hours ...

yoann090 Posts 9180 Registration date Wednesday 12 August 2009 Status Security contributor Last activity 13 April 2016 1 689
20 Jul 2012 at 18:55
Everyone on CCM is a volunteer and has a life outside it; if you had looked at g3n-h@ckm@n's profile you would have noticed that he hasn't been here since mid-afternoon. Wait for him to come back...

Anonymous user
21 Jul 2012 at 08:56
Hi again

AntiVir not disabled, start again

860 | C:\Program Files\Avira\AntiVir Desktop\avguard.exe - SYSTEM - Normal - "C:\Program Files\Avira\AntiVir Desktop\avguard.exe" - 676

xNewlifebobbax
21 Jul 2012 at 20:21

xNewlifebobbax
21 Jul 2012 at 20:21
It took me a while to post it because my PC does nothing but lag ...