Ads that open as soon as I open a web page

Solved/Closed
yann252 Posts: 84 Registration date: Sunday 9 September 2012 Status: Member Last activity: 30 August 2013 - 9 Sept. 2012 at 10:21
 barleey - 23 Dec. 2016 at 14:39
Hello,
I am asking for your help to understand why all sorts of ad pages open as soon as I open a page, whether in Explorer or Chrome. There is also a problem with certain links: as soon as I hover my mouse over them an ad appears, and when I click I am of course redirected to an ad. On Facebook as well, small ads slip in between the photos, etc.

I have already run CCleaner and Spybot as well as the free version of Avast, but nothing helps.
Thanks in advance for your help, because this is starting to seriously annoy me.

Regards



120 replies

yann252 Posts: 84 Registration date: Sunday 9 September 2012 Status: Member Last activity: 30 August 2013 4
21 Sept. 2012 at 21:24
It's done, pre scan kill has run!


¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | 2.0920 | g3n-h@ckm@n & Saachaa | ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤

~ Update on 20/09/2012 | 23.55 by g3n-h@ckm@n
~ Informations | Evolution : https://gen-hackman.kanak.fr/
~ Informations for the switches Pre_Script : https://gen-hackman.kanak.fr/
~ Feedback Pre_scan : https://gen-hackman.kanak.fr/#505
~ Thx to C_XX , Slyk for their help for the evolution of the tool

~ User : yannos (Administrateurs) | SID = S-1-5-21-1170913042-1277233965-3038881231-1000
~ Computer : PC-DE-YANNOS

~ System : Windows Vista (TM) Home Premium (32 bits) HomePremium Service Pack 2
~ RegisteredOwner : yannos
~ RegisteredOrganization :
~ ProcessorNameString : AMD Athlon(tm) 64 X2 Dual Core Processor 5600+
~ Identifier : x86 Family 15 Model 67 Stepping 3

~ Mémory RAM = Total (KB) : 1832720 | Used (%) : 38 | Free (KB) : 1133510
~ Pagefile = Total (KB) : 3921470 | Free (KB) : 3105560
~ Virtual = Total (KB) : 2097020 | Free (KB) : 1921370

¤¤¤¤¤¤¤¤¤¤ | Boot's scripts

C:\Windows\Setup\Scripts\setupcomplete.cmd

¤¤¤¤¤¤¤¤¤¤ | Drives

c:\ -> [Fixed] | [Systeme] | Total : 229720 Mo | Free : 30830 Mo -> NTFS
d:\ -> [Fixed] | [RECOVERY] | Total : 8750 Mo | Free : 4470 Mo -> NTFS

Scan : 20:14:11 | 21/09/2012

¤¤¤¤¤¤¤¤¤¤ | Windows Updates

Last(s) détection(s) : 2012-09-20 12:23:45
Last(s) download(s) : 2012-09-19 14:47:22
Last(s) installation(s) : 2012-09-19 14:53:56
Next search : 2012-09-21 19:59:16


~ C:\Windows\system32\config\systemprofile
~ C:\Windows\ServiceProfiles\LocalService
~ C:\Windows\ServiceProfiles\NetworkService
~ C:\Users\yannos
~ C:\Users\Mcx1

New restorepoint created


¤¤¤¤¤¤¤¤¤¤ | MD5 Control


20:15:50

¤¤¤¤¤¤¤¤¤¤ | Processes stopped

MsMpEng.exe (1040) -> Process stopped !
Ati2evxx.exe (1128) -> Process stopped !
LVPrcSrv.exe (1200) -> Process stopped !
SLsvc.exe (1412) -> Process stopped !
spoolsv.exe (1828) -> Process stopped !
Ati2evxx.exe (1892) -> Process stopped !
armsvc.exe (560) -> Process stopped !
AppleMobileDeviceService.exe (1684) -> Process stopped !
taskeng.exe (576) -> Process stopped !
taskeng.exe (2092) -> Process stopped !
explorer.exe (2200) -> Process stopped !
mDNSResponder.exe (2240) -> Process stopped !
LSSrvc.exe (2292) -> Process stopped !
LVComSer.exe (2400) -> Process stopped !
mbamscheduler.exe (2464) -> Process stopped !
LVComSer.exe (2488) -> Process stopped !
mbamgui.exe (2668) -> Process stopped !
PRISMXL.SYS (2744) -> Process stopped !
SearchIndexer.exe (2908) -> Process stopped !
Communications_Helper.exe (3016) -> Process stopped !
Quickcam.exe (3064) -> Process stopped !
PWRISOVM.EXE (3204) -> Process stopped !
UMonit.exe (3256) -> Process stopped !
WUDFHost.exe (3276) -> Process stopped !
winampa.exe (3416) -> Process stopped !
SMSTray.exe (3636) -> Process stopped !
realsched.exe (2980) -> Process stopped !
jusched.exe (3120) -> Process stopped !
MOM.exe (2088) -> Process stopped !
msseces.exe (3452) -> Process stopped !
sidebar.exe (3616) -> Process stopped !
ehtray.exe (3680) -> Process stopped !
wmpnscfg.exe (2932) -> Process stopped !
erifbrgc.exe (3964) -> Process stopped !
mobsync.exe (3792) -> Process stopped !
ehmsas.exe (2428) -> Process stopped !
wmplayer.exe (3348) -> Process stopped !
wmpnetwk.exe (2160) -> Process stopped !
COCIManager.exe (4988) -> Process stopped !
CCC.exe (3192) -> Process stopped !
conime.exe (7528) -> Process stopped !
conime.exe (8016) -> Process stopped !
conime.exe (9276) -> Process stopped !
conime.exe (9400) -> Process stopped !
conime.exe (12768) -> Process stopped !
conime.exe (14176) -> Process stopped !
conime.exe (12492) -> Process stopped !
taskeng.exe (6768) -> Process stopped !

¤¤¤¤¤¤¤¤¤¤ | Running processes

Boot : Normal

[MD5.98AF15A94CD6AC37248E72E5FE789B35] - [11/09/2009 16:06:13] - 468 | C:\Windows\System32\smss.exe (.Microsoft Corporation - Windows Session Manager.) - (6.0.6002.18005) -> \SystemRoot\System32\smss.exe [64000 Ko]
[MD5.ABCA209EBA02CB59233614DB83B4F50D] - [18/06/2008 13:46:27] - 600 | C:\Windows\system32\csrss.exe (.Microsoft Corporation - Processus d'exécuttion client-serveur.) - (6.0.6001.18000) -> C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 [6144 Ko]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - [18/06/2008 13:48:25] - 664 | C:\Windows\system32\wininit.exe (.Microsoft Corporation - Application de démarrage de Windows.) - (6.0.6001.18000) -> wininit.exe [96768 Ko]
[MD5.ABCA209EBA02CB59233614DB83B4F50D] - [18/06/2008 13:46:27] - 676 | C:\Windows\system32\csrss.exe (.Microsoft Corporation - Processus d'exécuttion client-serveur.) - (6.0.6001.18000) -> C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 [6144 Ko]
[MD5.17FFE3A6642B5DE7E93DBC21E124FA19] - [11/09/2009 16:07:15] - 712 | C:\Windows\system32\services.exe (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.0.6002.18005) -> C:\Windows\system32\services.exe [279552 Ko]
[MD5.A3E186B4B935905B829219502557314E] - [16/01/2012 16:57:33] - 728 | C:\Windows\system32\lsass.exe (.Microsoft Corporation - Processus de l'autorité de sécurité locale.) - (6.0.6002.18541) -> C:\Windows\system32\lsass.exe [9728 Ko]
[MD5.7564348D8F099A4441C1A71875E104B5] - [18/06/2008 13:49:07] - 736 | C:\Windows\system32\lsm.exe (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.0.6001.18000) -> C:\Windows\system32\lsm.exe [229888 Ko]
[MD5.7A556AB2E204BF52993C0C56B61064C5] - [11/09/2009 16:06:57] - 852 | C:\Windows\system32\winlogon.exe (.Microsoft Corporation - Application d'ouverture de session Windows.) - (6.0.6002.18005) -> winlogon.exe [314368 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 920 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k DcomLaunch [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 984 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k rpcss [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 1148 | C:\Windows\System32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 1188 | C:\Windows\System32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 1316 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k netsvcs [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 1392 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k GPSvcGroup [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 1456 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k LocalService [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 1592 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k NetworkService [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 1856 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork [21504 Ko]
[MD5.BBA31B625E7B1BCAFE4A30387E9E8238] - [30/06/2007 17:55:26] - 1892 | C:\Windows\system32\Ati2evxx.exe (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - (6.14.10.4222) -> Ati2evxx.exe -Client [733184 Ko]
[MD5.AC0429539F33CEE12CD626CDCB5C9301] - [14/12/2010 22:54:39] - 2092 | C:\Windows\system32\taskeng.exe (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.0.6002.18342) -> taskeng.exe {3A23D013-942B-4679-A50D-C0DC598DFEE3} [171520 Ko]
[MD5.01DD1004181FD46ECDC3628228EB269D] - [11/09/2009 16:06:52] - 2128 | C:\Windows\system32\Dwm.exe (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.0.6002.18005) -> "C:\Windows\system32\Dwm.exe" [81920 Ko]
[MD5.1BCF1988220D69B48B41290351D4C847] - [20/07/2007 00:38:54] - 2488 | C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (.Logitech Inc. - Logitech Video COM Service.) - (1.0.1.2021) -> "C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe" /keymon [186904 Ko]
[MD5.5F72F7B89D2FFFF87786231DB9F92BCF] - [13/09/2012 17:01:02] - 2568 | C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (1.65.0.0) -> "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [676936 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 2700 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 2776 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k imgsvc [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 2820 | C:\Windows\System32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\System32\svchost.exe -k WerSvcGroup [21504 Ko]
[MD5.8274C87726D4561EE8750D883764ACC1] - [11/09/2009 16:06:08] - 888 | C:\Windows\system32\wbem\unsecapp.exe (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.0.6002.18005) -> C:\Windows\system32\wbem\unsecapp.exe -Embedding [37888 Ko]
[MD5.9E69F26034694A7FD5F1596A71F60DD1] - [11/09/2009 16:07:31] - 2652 | C:\Windows\system32\wbem\wmiprvse.exe (.Microsoft Corporation - WMI Provider Host.) - (6.0.6002.18005) -> C:\Windows\system32\wbem\wmiprvse.exe [247296 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 4524 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21504 Ko]
[MD5.AC0429539F33CEE12CD626CDCB5C9301] - [14/12/2010 22:54:39] - 6768 | C:\Windows\system32\taskeng.exe (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.0.6002.18342) -> taskeng.exe {532BB841-8449-4D3B-93E7-09FE084925AC} [171520 Ko]
[MD5.9E69F26034694A7FD5F1596A71F60DD1] - [11/09/2009 16:07:31] - 7020 | C:\Windows\system32\wbem\wmiprvse.exe (.Microsoft Corporation - WMI Provider Host.) - (6.0.6002.18005) -> C:\Windows\system32\wbem\wmiprvse.exe [247296 Ko]
[MD5.F150883C9D31A352A05362AFDF2F161C] - [21/09/2012 17:17:51] - 14608 | C:\Users\yannos\Desktop\winlogon.exe (. - g3n-h@ckm@n.) - (2.0.9.20) -> "C:\Users\yannos\Desktop\winlogon.exe" [1762422 Ko]
[MD5.BD8235468636C0336809E02870F6A9F4] - [18/06/2008 13:48:15] - 14704 | C:\Windows\system32\WUDFHost.exe (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l'infrastructure de pilotes en mode utilisateur.) - (6.0.6001.18000) -> "C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-463e8399-9f42-46fc-927b-469be53c320b -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-59a48917-b528-4b54-aa89-6a584a076bae -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-66266776-aefd-418f-9de0-d9821b2e0e08 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c33daea3-25b3-4745-bbf9-f5f56607ddd2 [142336 Ko]
[MD5.90DC23D940551DB35367FB1E40575B25] - [11/11/2010 12:26:40] - 14948 | c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (.Microsoft Corporation - Antimalware Service Executable.) - (3.0.8107.0) -> "c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe" [11736 Ko]
[MD5.6080A176D09435FC8E6E800996656E18] - [11/09/2009 16:06:17] - 14456 | C:\Windows\system32\conime.exe (.Microsoft Corporation - Console IME.) - (6.0.6002.18005) -> C:\Windows\system32\conime.exe [69120 Ko]
[MD5.701AAD2C6A028D1A53F15B904E78218A] - [11/09/2009 16:08:09] - 2632 | C:\Windows\system32\SearchIndexer.exe (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.6002.18005) -> C:\Windows\system32\SearchIndexer.exe /Embedding [441344 Ko]
[MD5.DEA3C2999A915F45B2F17A825226B80E] - [18/06/2008 13:48:38] - 4168 | C:\Program Files\Windows Media Player\wmpnetwk.exe (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (11.0.6001.7000) -> "C:\Program Files\Windows Media Player\wmpnetwk.exe" [896512 Ko]
[MD5.AC0429539F33CEE12CD626CDCB5C9301] - [14/12/2010 22:54:39] - 7280 | C:\Windows\system32\taskeng.exe (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.0.6002.18342) -> taskeng.exe {50F93F23-B2E2-4B81-8D6C-351D23CC042C} [171520 Ko]
[MD5.8554097E5136C3BF9F69FE578A1B35F4] - [16/09/2010 17:54:47] - 7740 | C:\Windows\System32\spoolsv.exe (.Microsoft Corporation - Application sous-système spouleur.) - (6.0.6002.18294) -> C:\Windows\System32\spoolsv.exe [128000 Ko]
[MD5.20F6F19FE9E753F2780DC2FA083AD597] - [25/05/2011 14:06:20] - 7040 | C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (.Apple Inc. - MobileDeviceService.) - (17.66.0.47) -> "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [37664 Ko]
[MD5.1DEBC8BCFDEFF1DC081B9C3D339681F0] - [11/09/2009 16:07:55] - 6160 | C:\Windows\system32\SearchProtocolHost.exe (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.6002.18005) -> "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" [185344 Ko]
[MD5.C9EE7FF225EAC1CB9C78C413667CDB80] - [11/09/2009 16:07:55] - 4416 | C:\Windows\system32\SearchFilterHost.exe (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.6002.18005) -> "C:\Windows\system32\SearchFilterHost.exe" 0 620 624 632 65536 628 [87552 Ko]

¤¤¤¤¤¤¤¤¤¤ | Winlogon


¤

[HKLM | Winlogon]|[Shell] : Explorer.exe
[HKLM | Winlogon]|[AutoRestartShell] : 0
[HKLM | Winlogon]|[userinit] : C:\Windows\system32\userinit.exe,
[HKLM | Winlogon]|[PowerDownAfterShutdown] : 0 -> 1
[HKLM | Winlogon]|[System] :

¤¤¤¤¤¤¤¤¤¤ | Associations

[.exe] : exefile
[exefile | command] : "%1" %*
[.com] : ComFile
[comfile | command] : "%1" %*
[.reg] : regfile
[regfile | command] : regedit.exe "%1"
[.scr] : scrfile
[scrfile | command] : "%1" /S
[.bat] : batfile
[batfile | command] : "%1" %*
[.cmd] : cmdfile
[cmdfile | command] : "%1" %*
[.pif] : piffile
[piffile | command] : "%1" %*
[.url] : InternetShortcut
[InternetShortcut | command] : "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l
[Application.Manifest | command] : rundll32.exe dfshim.dll,ShOpenVerbApplication %1
[Application.Reference | command] : rundll32.exe dfshim.dll,ShOpenVerbShortcut %1|%2
[Folder | command] : C:\Windows\explorer.exe

¤

[Firefox | Command] | @ : C:\Program Files\Mozilla Firefox\firefox.exe -> "C:\Program Files\Mozilla Firefox\Firefox.exe"
[Firefox - Safemode | Command] | @ : "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode
[IE | Command] | @ : "C:\Program Files\Internet Explorer\iexplore.exe"
[Applications | IE | Command] | @ : "C:\Program Files\Internet Explorer\iexplore.exe" %1
[Assoc | Applications] | @ : http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s -> http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s

¤¤¤¤¤¤¤¤¤¤ | Corrections diverses

[HKLM | Advanced\Folder\Hidden\SHOWALL]|[CheckedValue] : 1
[HKLM | CurrentVersion\Explorer]|[AlwaysUnloadDll] : -> 1
[HKU\S-1-5-19 | Desktop]|[Wallpaper] : C:\windows\Web\Wallpaper\img24.jpg
[HKU\S-1-5-20 | Desktop]|[Wallpaper] : C:\windows\Web\Wallpaper\img24.jpg
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Desktop]|[Wallpaper] : C:\Users\yannos\Pictures\Mes images\Mes images\300799_10150365221549411_567069410_8099136_1478819840_n.jpg
[HKU\S-1-5-18 | Desktop]|[Wallpaper] : (None)
[HKU\S-1-5-19 | Explorer\Advanced]|[Hidden] : -> 0
[HKU\S-1-5-20 | Explorer\Advanced]|[Hidden] : -> 0
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Explorer\Advanced]|[Hidden] : 2 -> 0
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000_Classes | Explorer\Advanced]|[Hidden] : -> 0
[HKU\S-1-5-18 | Explorer\Advanced]|[Hidden] : -> 0
[HKLM | Policies\System]|[DisableRegistryTools] : 0
[HKLM | Control\SafeBoot]|[AlternateShell] : cmd.exe
[HKLM | HideDesktopIcons\NewStartPanel]|[{9343812e-1c37-4a49-a12e-4b2d810d956b}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{20D04FE0-3AEA-1069-A2D8-08002B30309D}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{208D2C60-3AEA-1069-A2D7-08002B30309D}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{871C5380-42A0-1069-A2EA-08002B30309D}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{59031a47-3f72-44a7-89c5-5595fe6b30ee}] : 1 -> 0

20:15:54

¤¤¤¤¤¤¤¤¤¤ | SafeBoot | Control | Repair

[HKLM | Safeboot] -> OK
[HKLM | Safeboot\Minimal] -> OK
[HKLM | Safeboot\Network] -> OK

¤

[HKLM | Minimal\Base] : Driver Group -> OK
[HKLM | Minimal\Boot Bus Extender] : Driver Group -> OK
[HKLM | Minimal\Boot file system] : Driver Group -> OK
[HKLM | Minimal\File system] : Driver Group -> OK
[HKLM | Minimal\Filter] : Driver Group -> OK
[HKLM | Minimal\PCI Configuration] : Driver Group -> OK
[HKLM | Minimal\PNP Filter] : Driver Group -> OK
[HKLM | Minimal\Primary disk] : Driver Group -> OK
[HKLM | Minimal\SCSI Class] : Driver Group -> OK
[HKLM | Minimal\System Bus Extender] : Driver Group -> OK
[HKLM | Minimal\AppMgmt] : Service -> OK
[HKLM | Minimal\CryptSvc] : Service -> OK
[HKLM | Minimal\DcomLaunch] : Service -> OK
[HKLM | Minimal\dmadmin] : -> Service
[HKLM | Minimal\dmserver] : -> Service
[HKLM | Minimal\EventLog] : Service -> OK
[HKLM | Minimal\HelpSvc] : Service -> OK
[HKLM | Minimal\Netlogon] : Service -> OK
[HKLM | Minimal\PlugPlay] : Service -> OK
[HKLM | Minimal\RpcSs] : Service -> OK
[HKLM | Minimal\SRService] : -> Service
[HKLM | Minimal\vds] : Service -> OK
[HKLM | Minimal\WinMgmt] : Service -> OK
[HKLM | Minimal\dmboot.sys] : -> Driver
[HKLM | Minimal\dmio.sys] : -> Driver
[HKLM | Minimal\dmload.sys] : -> Driver
[HKLM | Minimal\sermouse.sys] : Driver -> OK
[HKLM | Minimal\vga.sys] : Driver -> OK
[HKLM | Minimal\vgasave.sys] : Driver -> OK
[HKLM | Minimal\sr.sys] : -> FSFilter System Recovery
[HKLM | Minimal\{36FC9E60-C465-11CF-8056-444553540000}] : Universal Serial Bus controllers -> OK
[HKLM | Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] : CD-ROM Drive -> OK
[HKLM | Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] : DiskDrive -> OK
[HKLM | Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] : Standard floppy disk controller -> OK
[HKLM | Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : Hdc -> OK
[HKLM | Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : Keyboard -> OK
[HKLM | Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : Mouse -> OK
[HKLM | Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] : PCMCIA Adapters -> OK
[HKLM | Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : SCSIAdapter -> OK
[HKLM | Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : System -> OK
[HKLM | Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] : Floppy disk drive -> OK
[HKLM | Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : Volume shadow copy -> OK
[HKLM | Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : Volume -> OK
[HKLM | Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : Human Interface Devices -> OK

¤

[HKLM | Network\Base] : Driver Group -> OK
[HKLM | Network\Boot Bus Extender] : Driver Group -> OK
[HKLM | Network\Boot file system] : Driver Group -> OK
[HKLM | Network\File system] : Driver Group -> OK
[HKLM | Network\Filter] : Driver Group -> OK
[HKLM | Network\NDIS] : Driver Group -> OK
[HKLM | Network\NDIS Wrapper] : Driver Group -> OK
[HKLM | Network\NetBIOSGroup] : Driver Group -> OK
[HKLM | Network\NetDDEGroup] : Driver Group -> OK
[HKLM | Network\Network] : Driver Group -> OK
[HKLM | Network\NetworkProvider] : Driver Group -> OK
[HKLM | Network\PCI Configuration] : Driver Group -> OK
[HKLM | Network\PNP Filter] : Driver Group -> OK
[HKLM | Network\PNP_TDI] : Driver Group -> OK
[HKLM | Network\Primary disk] : Driver Group -> OK
[HKLM | Network\SCSI Class] : Driver Group -> OK
[HKLM | Network\Streams Drivers] : Driver Group -> OK
[HKLM | Network\System Bus Extender] : Driver Group -> OK
[HKLM | Network\TDI] : Driver Group -> OK
[HKLM | Network\AFD] : Service -> OK
[HKLM | Network\AppMgmt] : Service -> OK
[HKLM | Network\Browser] : Service -> OK
[HKLM | Network\CryptSvc] : Service -> OK
[HKLM | Network\DcomLaunch] : Service -> OK
[HKLM | Network\Dhcp] : Service -> OK
[HKLM | Network\dmadmin] : -> Service
[HKLM | Network\dmserver] : -> Service
[HKLM | Network\DnsCache] : Service -> OK
[HKLM | Network\EventLog] : Service -> OK
[HKLM | Network\HelpSvc] : Service -> OK
[HKLM | Network\LanmanServer] : Service -> OK
[HKLM | Network\LanmanWorkstation] : Service -> OK
[HKLM | Network\LmHosts] : Service -> OK
[HKLM | Network\Messenger] : Service -> OK
[HKLM | Network\Ndisuio] : Service -> OK
[HKLM | Network\NetBIOS] : Service -> OK
[HKLM | Network\NetBT] : Service -> OK
[HKLM | Network\Netlogon] : Service -> OK
[HKLM | Network\NetMan] : Service -> OK
[HKLM | Network\NtLmSsp] : -> Service
[HKLM | Network\PlugPlay] : Service -> OK
[HKLM | Network\rdsessmgr] : Service -> OK
[HKLM | Network\RpcSs] : Service -> OK
[HKLM | Network\sharedaccess] : Service -> OK
[HKLM | Network\SRService] : -> Service
[HKLM | Network\Tcpip] : Service -> OK
[HKLM | Network\termservice] : -> Service
[HKLM | Network\vds] : Service -> OK
[HKLM | Network\WinMgmt] : Service -> OK
[HKLM | Network\Wlansvc] : Service -> OK
[HKLM | Network\dmboot.sys] : -> Driver
[HKLM | Network\dmio.sys] : -> Driver
[HKLM | Network\dmload.sys] : -> Driver
[HKLM | Network\ipnat.sys] : Driver -> OK
[HKLM | Network\ip6fw.sys] : -> Driver
[HKLM | Network\rdpcdd.sys] : -> Driver
[HKLM | Network\sr.sys] : -> FSFilter System Recovery
[HKLM | Network\{36FC9E60-C465-11CF-8056-444553540000}] : Universal Serial Bus controllers -> OK
[HKLM | Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] : CD-ROM Drive -> OK
[HKLM | Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] : DiskDrive -> OK
[HKLM | Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] : Standard floppy disk controller -> OK
[HKLM | Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : Hdc -> OK
[HKLM | Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : Keyboard -> OK
[HKLM | Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : Mouse -> OK
[HKLM | Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] : Net -> OK
[HKLM | Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] : NetClient -> OK
[HKLM | Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] : NetService -> OK
[HKLM | Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] : NetTrans -> OK
[HKLM | Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] : PCMCIA Adapters -> OK
[HKLM | Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : SCSIAdapter -> OK
[HKLM | Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : System -> OK
[HKLM | Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] : Floppy disk drive -> OK
[HKLM | Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : Volume -> OK
[HKLM | Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : Human Interface Devices -> OK

¤¤¤¤¤¤¤¤¤¤ | IFEO


¤¤¤¤¤¤¤¤¤¤ | Mountpoints2



¤¤¤¤¤¤¤¤¤¤ | Windows

[HKLM | Session Manager\SubSystems]|[Windows] : winsrv : %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[AppInit_DLLS] :

[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[Programs] : com exe bat pif cmd

¤¤¤¤¤¤¤¤¤¤ | Security Center

[HKLM | Security Center]|[AntiVirusDisableNotify] : 0
[HKLM | Security Center]|[FirewallDisableNotify] : 0
[HKLM | Security Center]|[UpdatesDisableNotify] : 0
[HKLM | Security Center\svc]|[AntispywareOverride] : 0
[HKLM | Security Center\svc]|[AntiVirusOverride] : 0
[HKLM | Security Center\svc]|[FirewallOverride] : 0


[HKLM | FirewallPolicy\DomainProfile]|[DisableNotifications] : 0
[HKLM | FirewallPolicy\StandardProfile]|[DisableNotifications] : 0

¤¤¤¤¤¤¤¤¤¤ | Services Corrections

[Compbatt] : 4 -> 0 : Inactif
[RPCSS] : 2 : Actif
[Profsvc] : 2 : Actif
[PlugPlay] : 2 : Actif
[PEAUTH] : 2 : Actif
[Parvdm] : 2 : Actif
[nsi] : 2 : Actif
[NLASvc] : 2 : Actif
[MPSsvc] : 2 : Actif
[MMCSS] : 2 : Actif
[luafv] : 2 : Actif
[lltdio] : 2 : Actif
[Iphlpsvc] : 2 : Actif
[IKEEXT] : 2 : Actif
[gpsvc] : 2 : Actif
[lmhosts] : 2 : Actif
[LanmanWorkstation] : 2 : Actif
[LanmanServer] : 2 : Actif
[agp440] : 3 -> 2 : Inactif
[AudioEndpointBuilder] : 2 : Actif
[Audiosrv] : 2 : Actif
[BFE] : 2 : Actif
[Bits] : 3 -> 2 : Inactif
[CryptSvc] : 2 : Actif
[EapHost] : 3 -> 2 : Inactif
[Wlansvc] : 3 -> 2 : Inactif
[SharedAccess] : 2 : Inactif
[windefend] : 3 -> 2 : Inactif
[winmgmt] : 2 : Actif
[wuauserv] : 2 : Actif
[wudfsvc] : 2 : Actif
[WerSvc] : 2 : Actif
[wscsvc] : 2 : Actif
[Ndisuio] : 3 : Inactif

20:15:55

¤¤¤¤¤¤¤¤¤¤ | Internet Explorer

[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Main]|[Start Page] : https://www.msn.com/fr-fr -> https://www.google.com/?gws_rd=ssl
[HKU\S-1-5-18 | Main]|[Start Page] : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> https://www.google.com/?gws_rd=ssl
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Main]|[Local Page] : C:\Windows\system32\blank.htm
[HKU\S-1-5-18 | Main]|[Search Page] : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

[HKLM | Search]|[SearchAssistant] : -> http://www.google.com/toolbar/ie8/sidebar.html
[HKLM | Main]|[Start Page] : https://www.msn.com/fr-fr -> https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main]|[Local Page] : C:\Windows\System32\blank.htm
[HKLM | Main]|[Default_Search_URL] : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
[HKLM | Main]|[Default_Page_URL] : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF -> https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main]|[Search Page] : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
[HKLM | AboutURLs]|[Tabs] : res://ieframe.dll/tabswelcome.htm

¤

[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | PhishingFilter]|[Enabled] : 2
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | PhishingFilter]|[EnabledV8] : 1
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Internet settings]|[ProxyOverride] : *.local
[HKU\S-1-5-19 | Internet settings]|[EnableHttp1_1] : 1
[HKU\S-1-5-20 | Internet settings]|[EnableHttp1_1] : 1
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Internet settings]|[EnableHttp1_1] : 1
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Internet settings]|[MigrateProxy] : 1
[HKU\S-1-5-18 | Internet settings]|[MigrateProxy] : 1
[HKU\S-1-5-19 | Internet settings]|[AutoConfigProxy] : wininet.dll
[HKU\S-1-5-20 | Internet settings]|[AutoConfigProxy] : wininet.dll
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Internet settings]|[AutoConfigProxy] : wininet.dll


¤¤¤¤¤¤¤¤¤¤ | Firefox


Profile : sqt43kb3.default

user_pref("browser.download.dir", "C:\\Users\\yannos\\Tracing\\Downloads");
user_pref("browser.download.lastDir", "C:\\Users\\yannos\\Desktop");
user_pref("browser.startup.homepage_override.buildID", "20120905151427");
user_pref("browser.startup.homepage_override.mstone", "15.0.1");
line Deleted : user_pref("extensions.enabledItems", "{71328583-3CA7-4809-B4BA-570A85818FBB}:0.5b4,{3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20101113Wb1,{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07,{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15,{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21,{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23,{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1,{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26,HBLite@HBLite.com:11.0.0.0,{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}:15.0.4,wrc@avast.com:7.0.1466,ffxtlbr@babylon.com:1.2.0,{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0,{EEE6C361-6118-11DC-9C72-001320C79847}:1.5.0.2,gencrawler@some.com:2.6,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10");

¤¤¤¤¤¤¤¤¤¤ | Extensions | Plugins

C:\Users\yannos\AppData\Roaming\Mozilla\Firefox\Profiles\sqt43kb3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
C:\Users\yannos\AppData\Roaming\Mozilla\Firefox\Profiles\sqt43kb3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
C:\Users\yannos\AppData\Roaming\Mozilla\Firefox\Profiles\sqt43kb3.default\searchplugins\askcomsearch.xml
C:\Users\yannos\AppData\Roaming\Mozilla\Firefox\Profiles\sqt43kb3.default\searchplugins\bing.xml
C:\Program Files\Mozilla Firefox\extensions\realplayer@partners.mozilla.com
C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
C:\Program Files\Mozilla Firefox\searchplugins\google.xml
C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml


¤¤¤¤¤¤¤¤¤¤ | DNS

[HKLM\SYSTEM\CCS | Tcpip\Parameters]|[DhcpNameServer] : 192.168.1.1
[HKLM\SYSTEM\ControlSet001 | Interfaces\{43CB6297-8F46-435E-9C59-4DED67A999A4}]|[DhcpNameServer] : 192.168.42.129
[HKLM\SYSTEM\ControlSet001 | Interfaces\{EBD095F4-2C29-4821-A1FE-C9DBFA915040}]|[DhcpNameServer] : 192.168.1.1
[HKLM\SYSTEM\ControlSet003 | Interfaces\{43CB6297-8F46-435E-9C59-4DED67A999A4}]|[DhcpNameServer] : 192.168.42.129
[HKLM\SYSTEM\ControlSet003 | Interfaces\{EBD095F4-2C29-4821-A1FE-C9DBFA915040}]|[DhcpNameServer] : 192.168.1.1
[HKLM\SYSTEM\CurrentControlSet | Interfaces\{43CB6297-8F46-435E-9C59-4DED67A999A4}]|[DhcpNameServer] : 192.168.42.129
[HKLM\SYSTEM\CurrentControlSet | Interfaces\{EBD095F4-2C29-4821-A1FE-C9DBFA915040}]|[DhcpNameServer] : 192.168.1.1

¤¤¤¤¤¤¤¤¤¤ | Hosts

C:\Windows\System32\Drivers\etc\hosts : Cleaned :)

¤¤¤¤¤¤¤¤¤¤ | Files | Folders | Registry

Quarantined and deleted Successfully : C:\$Recycle.bin\S-1-5-21-1170913042-1277233965-3038881231-1000\$IJJIC07.exe
Quarantined and deleted Successfully : C:\$Recycle.bin\S-1-5-21-1170913042-1277233965-3038881231-1000\$RJJIC07.exe

Quarantined and deleted Successfully : C:\Windows\flow.tmp
Impossible to move : C:\Windows\msdownld.tmp
Quarantined and deleted Successfully : C:\Windows\mozver.dat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\AdobeARM.log
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\chrome_installer.log
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\GoogleToolbarInstaller1.log
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\jusched.log
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\LVCOMSX.LOG
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\MSIcda76.LOG
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\{B6FE6EEC-7E78-4644-9BF5-A10199943D06}\fpb.tmp
Impossible to move : C:\Users\yannos\AppData\Local\Temp\~DF9E44.tmp
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\~DF9F9A.tmp
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\~DFBAF9.tmp
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\~DFFBF4.tmp
Quarantined and deleted Successfully : C:\Windows\Temp\LVCOMSX.LOG
Quarantined and deleted Successfully : C:\Windows\Temp\MpCmdRun.log
Quarantined and deleted Successfully : C:\Windows\Temp\MpSigStub.log
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Roaming\AVG7\l_000101.log
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Roaming\AVG7\l_000102.log
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Roaming\Azureus\restart.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\awaycyq.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\cikcaye.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\ecucaeu.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\eugkc.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\gimwk.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\gkays.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\iayao.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\igcqe.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\imaqeei.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\kgwqwco.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Lollipop\erifbrgc.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Lollipop\erifbrgc.exe
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Lollipop\lollipop.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Lollipop\mcbgdbb.exe
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Lollipop\mlkiogm.exe
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Lollipop\trxvei.exe
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\mqysuyo.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars\PokerStars.log.0
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars\PokerStarsUpdate.log.0
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars\PokerStarsUpdateE.log.0
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars\_update2.dat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars\_updcache.dat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\PokerStars.log.0
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\PokerStars.log.1
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\PokerStarsUpdate.log.0
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\PokerStarsUpdate.log.1
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\PokerStarsUpdateE.log.0
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\PokerStarsUpdateE.log.1
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\Stub.log.0
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\_update2.dat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\_updcache.dat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\qoyoi.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\siies.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\waausou.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\wagmyce.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\wwiqs.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\ysawk.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\microsoft\windows\WindowsUpdate.log
Quarantined and deleted Successfully : C:\ProgramData\avg7\AVG7QT.DAT
Quarantined and deleted Successfully : C:\ProgramData\ma-config.com\mcbase.db
Impossible to move : C:\ProgramData\ma-config.com
Quarantined and deleted Successfully : C:\Users\yannos\jagex_runescape_preferences.dat
Deleted : [HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Run]|[erifbrgc] : "c:\users\yannos\appdata\local\lollipop\erifbrgc.exe" erifbrgc

20:35:45

Impossible to move : C:\ProgramData\Installations
Impossible to move : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Install Manager
Impossible to move : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundDownloader
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Roaming\Microsoft\Windows\Start Menu\Installation du Contrôle Parental.lnk
Quarantined and deleted Successfully : C:\Users\yannos\Desktop\PONE - In my eyes 3.0.mp3
Quarantined and deleted Successfully : C:\Users\yannos\Desktop\SoundDownloader - Raccourci.lnk
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\d3d9caps.dat
Quarantined and deleted Successfully : |D| - C:\Windows\System32\%APPDATA%

¤¤¤¤¤¤¤¤¤¤ | quarantined at reboot

Not quarantined at Reboot : C:\Windows\msdownld.tmp
Not quarantined at Reboot : C:\Users\yannos\AppData\Local\Temp\~DF9E44.tmp
Not quarantined at Reboot : C:\ProgramData\ma-config.com
Not quarantined at Reboot : C:\ProgramData\Installations
Not quarantined at Reboot : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Install Manager
Not quarantined at Reboot : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundDownloader
Not quarantined at Reboot : C:\Users\yannos\Modèles\H
Not quarantined at Reboot : C:\Users\yannos\AppData\Roaming\Microsoft\Windows\Templates\H

¤¤¤¤¤

20:42:08

¤¤¤¤¤¤¤¤¤¤ | Listing Partition(s)

Disk: 0 Size=238G
Pos MBRndx Type/Name Size Active Hide Start Sector Sectors
--- ------ ---------- ---- ------ ---- ------------ ------------
0 1 07-NTFS 8.8G No No 63 17,928,477
1 0 07-NTFS 230G Yes No 17,928,540 470,463,525

¤¤¤¤¤¤¤¤¤¤ | MBR Control

MBR code signature : C9 6A F9 B0


Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.0.6002 Disk: SAMSUNG_SP2504C rev.VT100-50 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
1 ntkrnlpa!IofCallDriver[8308E936] -> \Device\Harddisk0\DR0[85B14030]
3 CLASSPNP[885A68B3] -> ntkrnlpa!IofCallDriver[8308E936] -> [85B78918]
5 acpi[806106BC] -> ntkrnlpa!IofCallDriver[8308E936] -> \Device\Ide\IdeDeviceP0T0L0-0[85B05B98]
kernel: MBR read successfully
_asm { XOR DI, DI; MOV SS, DI; MOV SP, 7a00; MOV BX, 7a0; MOV DS, BX; MOV ES, BX; MOV SI, 200; MOV CX, SI; CLD ; REP MOVSB ; JMP FAR 7a0:a3; }
user & kernel MBR OK

20:42:24

[HKLM | Winlogon] | AutoRestartShell : 0 -> 1

¤¤¤¤¤¤¤¤¤¤ | Hidden files

~ [Disque d:] Folders : 1 | Files : 77 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 0 | Files : 77
~ [Disque C:] Folders : 1 | Files : 1 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 1 | Files : 1
~ [ProgramFiles] Folders : 1 | Files : 3 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 1 | Files : 3
~ [Utilisateurs] Folders : 2 | Files : 0 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 2 | Files : 0
~ [Music] Folders : 4 | Files : 4 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 4 | Files : 4
~ [Pictures] Folders : 1 | Files : 0 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 1 | Files : 0
~ [Videos] Folders : 0 | Files : 1 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 0 | Files : 1
~ [Downloads] Folders : 0 | Files : 0
~ [Desktop] Folders : 1 | Files : 3 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 1 | Files : 3
~ [Links] Folders : 0 | Files : 0
~ [Searches] Folders : 0 | Files : 2 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 0 | Files : 2
~ [Contacts] Folders : 9 | Files : 0 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 9 | Files : 0
~ [Saved_Games] Folders : 0 | Files : 0
~ [Favorites] Folders : 0 | Files : 0
~ [Documents] Folders : 4 | Files : 0 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 4 | Files : 0
~ [Windows] Folders : 62 | Files : 203 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 62 | Files : 203
~ [Start_Menu] Folders : 1 | Files : 0 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 1 | Files : 0
~ [Libraries] Folders : 0 | Files : 0
~ [quick launch] Folders : 0 | Files : 0
~ [AppData] Folders : 1 | Fil
0
Anonymous user
21 Sept. 2012 at 21:31
Host it somewhere please, it's a pain to read like this
0
yann252 Posts 84 Registration date Sunday 9 September 2012 Status Member Last activity 30 August 2013 4
21 Sept. 2012 at 21:34
Done
0
Anonymous user
21 Sept. 2012 at 21:36
Well, I need the link, otherwise how am I supposed to look at it?
0

yann252 Posts 84 Registration date Sunday 9 September 2012 Status Member Last activity 30 August 2013 4
21 Sept. 2012 at 21:37
Sorry for my incompetence, it's the first time I've done this.

https://pjjoint.malekal.com/files.php?id=20120921_b8c7n8w12h14
0
Anonymous user
21 Sept. 2012 at 21:41
Might be time to ease off the porn sites, don't you think?
0
yann252 Posts 84 Registration date Sunday 9 September 2012 Status Member Last activity 30 August 2013 4
21 Sept. 2012 at 21:45
lol, that bad!!!!!
0
Anonymous user
21 Sept. 2012 at 21:47
Honestly, you're really going at it!!!!! ^^
0
yann252 Posts 84 Registration date Sunday 9 September 2012 Status Member Last activity 30 August 2013 4
21 Sept. 2012 at 21:55
My comments aren't showing up anymore!!
0
yann252 Posts 84 Registration date Sunday 9 September 2012 Status Member Last activity 30 August 2013 4
21 Sept. 2012 at 21:56
Oh, actually they are, weird again. So I was saying that I only use one, but regularly, and it's free!
0
Anonymous user
21 Sept. 2012 at 21:58
Yep, well, the links you click on that site are pretty rotten, though

=============

Download Navilog1 here, from this link

▶ Choose Save target (link) as... and save it to your desktop.
▶ Then double-click navilog1.exe to start the installation.

Once the installation is finished, the fix will run automatically.

▶ At the main menu, choose option 1 >> Recherche / suppression automatique (automatic search / removal)

Wait for the message:
*** Analyse Termine le ..... ***

>>>>> The fix can take about ten minutes ;)

▶ Press any key and Notepad will open.

▶ Copy and paste the report here.


0
yann252 Posts 84 Registration date Sunday 9 September 2012 Status Member Last activity 30 August 2013 4
21 Sept. 2012 at 22:17
Fix Navipromo version 4.1.1 commencé le 21/09/2012 22:00:52,31

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\navilog1

Mise à jour le 07.04.2012 à 20h00 par IL-MAFIOSO

Microsoft® Windows Vista(TM) Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 5600+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : yannos ( Administrator )
BOOT : Normal boot

Antivirus : AVG 7.5.488 7.5.488 (Activated)


C:\ (Local Disk) - NTFS - Total:224 Go (Free:30 Go)
D:\ (Local Disk) - NTFS - Total:8 Go (Free:4 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (USB)
J:\ (USB)
L:\ (USB)
O:\ (USB)


Recherche executée en mode normal

Nettoyage exécuté au redémarrage de l'ordinateur


c:\users\yannos\appdata\local\virtua~1\progra~1\InternetGamebox supprimé !


Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\yannos\AppData\Local\Temp effectué !


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok




*** Scan terminé 21/09/2012 22:15:43,61 ***
0
yann252 Posts 84 Registration date Sunday 9 September 2012 Status Member Last activity 30 August 2013 4
21 Sept. 2012 at 22:19
I'd like to draw your attention to the antivirus detected as activated, AVG 7.5.488: that's not the one running on my PC; that one should normally have been removed by CCleaner.
0
Anonymous user
21 Sept. 2012 at 22:25
Then use this page to help you get rid of the leftovers:

https://www.commentcamarche.net/faq/7367-desinstaller-proprement-liens-et-astuces#mcafee-virusscan-8-ou-9
0
yann252 Posts 84 Registration date Sunday 9 September 2012 Status Member Last activity 30 August 2013 4
21 Sept. 2012 at 22:26
Done, thanks!!
0
Anonymous user
21 Sept. 2012 at 22:29
Please host the Diag report via cjoint.com or similar and give me the link
0
yann252 Posts 84 Registration date Sunday 9 September 2012 Status Member Last activity 30 August 2013 4
21 Sept. 2012 at 22:30
I suppose my PC is brand new now
0
yann252 Posts 84 Registration date Sunday 9 September 2012 Status Member Last activity 30 August 2013 4
21 Sept. 2012 at 22:35
0
Anonymous user
21 Sept. 2012 at 22:39
Nope, not that one: Pre_Diag_etc......txt, which is on your desktop
0
yann252 Posts 84 Registration date Sunday 9 September 2012 Status Member Last activity 30 August 2013 4
21 Sept. 2012 at 22:41
0