Pub qui s'ouvre des que j'ouvre une page web
Résolu/Fermé
yann252
Messages postés
84
Date d'inscription
dimanche 9 septembre 2012
Statut
Membre
Dernière intervention
30 août 2013
-
9 sept. 2012 à 10:21
barleey - 23 déc. 2016 à 14:39
barleey - 23 déc. 2016 à 14:39
A voir également:
- Ouvre le site
- Site de telechargement - Accueil - Outils
- Site comme coco - Accueil - Réseaux sociaux
- Quel site remplace coco - Accueil - Réseaux sociaux
- Site inaccessible - Guide
- Site pour vendre des objets d'occasion - Guide
120 réponses
yann252
Messages postés
84
Date d'inscription
dimanche 9 septembre 2012
Statut
Membre
Dernière intervention
30 août 2013
4
21 sept. 2012 à 21:24
21 sept. 2012 à 21:24
c bon pre scan kill est passé!
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | 2.0920 | g3n-h@ckm@n & Saachaa | ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤
~ Update on 20/09/2012 | 23.55 by g3n-h@ckm@n
~ Informations | Evolution : https://gen-hackman.kanak.fr/
~ Informations for the switches Pre_Script : https://gen-hackman.kanak.fr/
~ Feedback Pre_scan : https://gen-hackman.kanak.fr/#505
~ Thx to C_XX , Slyk for their help for the evolution of the tool
~ User : yannos (Administrateurs) | SID = S-1-5-21-1170913042-1277233965-3038881231-1000
~ Computer : PC-DE-YANNOS
~ System : Windows Vista (TM) Home Premium (32 bits) HomePremium Service Pack 2
~ RegisteredOwner : yannos
~ RegisteredOrganization :
~ ProcessorNameString : AMD Athlon(tm) 64 X2 Dual Core Processor 5600+
~ Identifier : x86 Family 15 Model 67 Stepping 3
~ Mémory RAM = Total (KB) : 1832720 | Used (%) : 38 | Free (KB) : 1133510
~ Pagefile = Total (KB) : 3921470 | Free (KB) : 3105560
~ Virtual = Total (KB) : 2097020 | Free (KB) : 1921370
¤¤¤¤¤¤¤¤¤¤ | Boot's scripts
C:\Windows\Setup\Scripts\setupcomplete.cmd
¤¤¤¤¤¤¤¤¤¤ | Drives
c:\ -> [Fixed] | [Systeme] | Total : 229720 Mo | Free : 30830 Mo -> NTFS
d:\ -> [Fixed] | [RECOVERY] | Total : 8750 Mo | Free : 4470 Mo -> NTFS
Scan : 20:14:11 | 21/09/2012
¤¤¤¤¤¤¤¤¤¤ | Windows Updates
Last(s) détection(s) : 2012-09-20 12:23:45
Last(s) download(s) : 2012-09-19 14:47:22
Last(s) installation(s) : 2012-09-19 14:53:56
Next search : 2012-09-21 19:59:16
~ C:\Windows\system32\config\systemprofile
~ C:\Windows\ServiceProfiles\LocalService
~ C:\Windows\ServiceProfiles\NetworkService
~ C:\Users\yannos
~ C:\Users\Mcx1
New restorepoint created
¤¤¤¤¤¤¤¤¤¤ | MD5 Control
[MD5.F42035F832413D6BCC40EA3B636E2907] - [21/09/2012 20:14:12] - [0.5 Ko] - C:\Pre_Scan\MBR.bin
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - [11/09/2009 16:07:44] - (.© Microsoft Corporation. - Explorateur Windows.) - [2858 Ko] - (6.0.6002.18005) - C:\Windows\explorer.exe
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - [14/09/2012 17:29:02] - (.© Microsoft Corporation. - Explorateur Windows.) - [2858 Ko] - (6.0.6002.18005) - C:\Windows\erdnt\cache\explorer.exe
[MD5.FD8C53FB002217F6F888BCF6F5D7084D] - [02/11/2006 10:47:18] - (.© Microsoft Corporation. - Explorateur Windows.) - [2855 Ko] - (6.0.6000.16386) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[MD5.6D06CD98D954FE87FB2DB8108793B399] - [12/12/2007 13:41:18] - (.© Microsoft Corporation. - Explorateur Windows.) - [2855 Ko] - (6.0.6000.16549) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[MD5.37440D09DEAE0B672A04DCCF7ABF06BE] - [12/12/2008 18:40:51] - (.© Microsoft Corporation. - Explorateur Windows.) - [2855 Ko] - (6.0.6000.16771) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[MD5.BD06F0BF753BC704B653C3A50F89D362] - [12/12/2007 13:41:17] - (.© Microsoft Corporation. - Explorateur Windows.) - [2855 Ko] - (6.0.6000.20668) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[MD5.E7156B0B74762D9DE0E66BDCDE06E5FB] - [12/12/2008 18:40:51] - (.© Microsoft Corporation. - Explorateur Windows.) - [2855 Ko] - (6.0.6000.20947) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[MD5.FFA764631CB70A30065C12EF8E174F9F] - [18/06/2008 13:49:09] - (.© Microsoft Corporation. - Explorateur Windows.) - [2858.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
[MD5.4F554999D7D5F05DAAEBBA7B5BA1089D] - [12/12/2008 18:40:52] - (.© Microsoft Corporation. - Explorateur Windows.) - [2858.5 Ko] - (6.0.6001.18164) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[MD5.50BA5850147410CDE89C523AD3BC606E] - [12/12/2008 18:40:52] - (.© Microsoft Corporation. - Explorateur Windows.) - [2859 Ko] - (6.0.6001.22298) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - [11/09/2009 16:07:44] - (.© Microsoft Corporation. - Explorateur Windows.) - [2858 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[MD5.ABCA209EBA02CB59233614DB83B4F50D] - [18/06/2008 13:46:27] - (.© Microsoft Corporation. - Processus d'exécuttion client-serveur.) - [6 Ko] - (6.0.6001.18000) - C:\Windows\System32\csrss.exe
[MD5.117B7C8A8B026A5DCE5E3180ED05E823] - [02/11/2006 10:33:03] - (.© Microsoft Corporation. - Processus d'exécuttion client-serveur.) - [7.5 Ko] - (6.0.6000.16386) - C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6000.16386_none_56ad21dbe72a9d78\csrss.exe
[MD5.ABCA209EBA02CB59233614DB83B4F50D] - [18/06/2008 13:46:27] - (.© Microsoft Corporation. - Client Server Runtime Process.) - [6 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe
[MD5.D4E6D91C1349B7BFB3599A6ADA56851B] - [14/09/2012 17:29:01] - (.© Microsoft Corporation. - Applications Services et Contrôleur.) - [273 Ko] - (6.0.6002.18005) - C:\Windows\erdnt\cache\services.exe
[MD5.D4E6D91C1349B7BFB3599A6ADA56851B] - [11/09/2009 16:07:15] - (.© Microsoft Corporation. - Applications Services et Contrôleur.) - [273 Ko] - (6.0.6002.18005) - C:\Windows\System32\services.exe
[MD5.329CF3C97CE4C19375C8ABCABAE258B0] - [02/11/2006 10:35:31] - (.© Microsoft Corporation. - Applications Services et Contrôleur.) - [273 Ko] - (6.0.6000.16386) - C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe
[MD5.2B336AB6286D6C81FA02CBAB914E3C6C] - [18/06/2008 13:48:36] - (.© Microsoft Corporation. - Applications Services et Contrôleur.) - [272.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[MD5.D4E6D91C1349B7BFB3599A6ADA56851B] - [11/09/2009 16:07:15] - (.© Microsoft Corporation. - Applications Services et Contrôleur.) - [273 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[MD5.98AF15A94CD6AC37248E72E5FE789B35] - [11/09/2009 16:06:13] - (.© Microsoft Corporation. - Windows Session Manager.) - [62.5 Ko] - (6.0.6002.18005) - C:\Windows\System32\smss.exe
[MD5.CAA75757BB3695478C23CB0624342A61] - [02/11/2006 10:33:05] - (.© Microsoft Corporation. - Windows Session Manager.) - [61.5 Ko] - (6.0.6000.16386) - C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe
[MD5.6701DDAF68BEDE6BBEEA9D514D73A35B] - [18/06/2008 13:47:49] - (.© Microsoft Corporation. - Windows Session Manager.) - [62.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[MD5.98AF15A94CD6AC37248E72E5FE789B35] - [11/09/2009 16:06:13] - (.© Microsoft Corporation. - Windows Session Manager.) - [62.5 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[MD5.0E135526E9785D085BCD9AEDE6FBCBF9] - [14/09/2012 17:29:02] - (.© Microsoft Corporation. - Application d'ouverture de session Userinit.) - [24.5 Ko] - (6.0.6001.18000) - C:\Windows\erdnt\cache\userinit.exe
[MD5.0E135526E9785D085BCD9AEDE6FBCBF9] - [18/06/2008 13:46:58] - (.© Microsoft Corporation. - Application d'ouverture de session Userinit.) - [24.5 Ko] - (6.0.6001.18000) - C:\Windows\System32\userinit.exe
[MD5.22027835939F86C3E47AD8E3FBDE3D11] - [02/11/2006 10:43:52] - (.© Microsoft Corporation. - Application d'ouverture de session Userinit.) - [24 Ko] - (6.0.6000.16386) - C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
[MD5.0E135526E9785D085BCD9AEDE6FBCBF9] - [18/06/2008 13:46:58] - (.© Microsoft Corporation. - Application d'ouverture de session Userinit.) - [24.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - [14/09/2012 17:29:03] - (.© Microsoft Corporation. - Application de démarrage de Windows.) - [94.5 Ko] - (6.0.6001.18000) - C:\Windows\erdnt\cache\wininit.exe
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - [18/06/2008 13:48:25] - (.© Microsoft Corporation. - Application de démarrage de Windows.) - [94.5 Ko] - (6.0.6001.18000) - C:\Windows\System32\wininit.exe
[MD5.D4385B03E8CCCEE6F0EE249F827C1F3E] - [02/11/2006 10:44:42] - (.© Microsoft Corporation. - Application de démarrage de Windows.) - [93.5 Ko] - (6.0.6000.16386) - C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - [18/06/2008 13:48:25] - (.© Microsoft Corporation. - Application de démarrage de Windows.) - [94.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[MD5.898E7C06A350D4A1A64A9EA264D55452] - [14/09/2012 17:29:01] - (.© Microsoft Corporation. - Application d'ouverture de session Windows.) - [307 Ko] - (6.0.6002.18005) - C:\Windows\erdnt\cache\winlogon.exe
[MD5.898E7C06A350D4A1A64A9EA264D55452] - [11/09/2009 16:06:57] - (.© Microsoft Corporation. - Application d'ouverture de session Windows.) - [307 Ko] - (6.0.6002.18005) - C:\Windows\System32\winlogon.exe
[MD5.9F75392B9128A91ABAFB044EA350BAAD] - [02/11/2006 10:44:42] - (.© Microsoft Corporation. - Windows Logon Application.) - [301 Ko] - (6.0.6000.16386) - C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[MD5.C2610B6BDBEFC053BBDAB4F1B965CB24] - [18/06/2008 13:48:45] - (.© Microsoft Corporation. - Application d'ouverture de session Windows.) - [307.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[MD5.898E7C06A350D4A1A64A9EA264D55452] - [11/09/2009 16:06:57] - (.© Microsoft Corporation. - Application d'ouverture de session Windows.) - [307 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[MD5.3911B972B55FEA0478476B2E777B29FA] - [17/06/2011 18:50:55] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [267 Ko] - (6.0.6002.18457) - C:\Windows\System32\drivers\afd.sys
[MD5.5D24CAF8EFD924A875698FF28384DB8B] - [02/11/2006 10:58:43] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [264 Ko] - (6.0.6000.16386) - C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6000.16386_none_d5b1809661820e7c\afd.sys
[MD5.763E172A55177E478CB419F88FD0BA03] - [18/06/2008 13:48:43] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [267.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18000_none_d7e842925e6d1f50\afd.sys
[MD5.48EB99503533C27AC6135648E5474457] - [17/06/2011 18:50:54] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [267 Ko] - (6.0.6001.18639) - C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18639_none_d7d0e0cc5e7d461c\afd.sys
[MD5.C8AF25017CECB75906A571AC70D2D306] - [17/06/2011 18:50:55] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [267.5 Ko] - (6.0.6001.22905) - C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.22905_none_d876efff77862705\afd.sys
[MD5.A201207363AA900ABF1A388468688570] - [11/09/2009 16:06:17] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [267.5 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18005_none_d9d3bb9e5b8eea9c\afd.sys
[MD5.3911B972B55FEA0478476B2E777B29FA] - [17/06/2011 18:50:55] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [267 Ko] - (6.0.6002.18457) - C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18457_none_d99fb42e5bb59d9b\afd.sys
[MD5.70EE0FC7A0F384DBD929A01384AEEB4B] - [17/06/2011 18:50:55] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [267.5 Ko] - (6.0.6002.22629) - C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.22629_none_da4bc33774b91967\afd.sys
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - [14/09/2012 17:29:01] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [19.48 Ko] - (6.0.6002.18005) - C:\Windows\erdnt\cache\atapi.sys
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - [11/09/2009 16:06:48] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [19.48 Ko] - (6.0.6002.18005) - C:\Windows\System32\drivers\atapi.sys
[MD5.2D9C903DC76A66813D350A562DE40ED9] - [18/06/2008 13:47:45] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [21.05 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - [11/09/2009 16:06:48] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [19.48 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[MD5.6B4BFFB9BECD728097024276430DB314] - [11/09/2009 16:06:03] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [65.5 Ko] - (6.0.6002.18005) - C:\Windows\System32\drivers\cdrom.sys
[MD5.1EC25CEA0DE6AC4718BF89F9E1778B57] - [18/06/2008 13:46:32] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [65.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[MD5.6B4BFFB9BECD728097024276430DB314] - [11/09/2009 16:06:03] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [65.5 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - [11/09/2009 16:06:47] - (.© Microsoft Corporation. - MBT Transport driver.) - [181.5 Ko] - (6.0.6002.18005) - C:\Windows\System32\drivers\netbt.sys
[MD5.E3A168912E7EEFC3BD3B814720D68B41] - [02/11/2006 10:57:20] - (.© Microsoft Corporation. - MBT Transport driver.) - [180 Ko] - (6.0.6000.16386) - C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.0.6000.16386_none_5e2e0665fa591691\netbt.sys
[MD5.7C5FEE5B1C5728507CD96FB4A13E7A02] - [18/06/2008 13:47:31] - (.© Microsoft Corporation. - MBT Transport driver.) - [180 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.0.6001.18000_none_6064c861f7442765\netbt.sys
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - [11/09/2009 16:06:47] - (.© Microsoft Corporation. - MBT Transport driver.) - [181.5 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.0.6002.18005_none_6250416df465f2b1\netbt.sys
[MD5.76B06EB8A01FC8624D699E7045303E54] - [14/09/2012 17:29:01] - (.© Microsoft Corporation. - TDI Translation Driver.) - [70.5 Ko] - (6.0.6002.18005) - C:\Windows\erdnt\cache\tdx.sys
[MD5.76B06EB8A01FC8624D699E7045303E54] - [11/09/2009 16:06:15] - (.© Microsoft Corporation. - TDI Translation Driver.) - [70.5 Ko] - (6.0.6002.18005) - C:\Windows\System32\drivers\tdx.sys
[MD5.AB4FDE8AF4A0270A46A001C08CBCE1C2] - [02/11/2006 10:57:35] - (.© Microsoft Corporation. - TDI Translation Driver.) - [66.5 Ko] - (6.0.6000.16386) - C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6000.16386_none_e807064fdf2a97e3\tdx.sys
[MD5.D09276B1FAB033CE1D40DCBDF303D10F] - [18/06/2008 13:47:58] - (.© Microsoft Corporation. - TDI Translation Driver.) - [70 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_ea3dc84bdc15a8b7\tdx.sys
[MD5.76B06EB8A01FC8624D699E7045303E54] - [11/09/2009 16:06:15] - (.© Microsoft Corporation. - TDI Translation Driver.) - [70.5 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_ec294157d9377403\tdx.sys
[MD5.147281C01FCB1DF9252DE2A10D5E7093] - [11/09/2009 16:06:51] - (.© Microsoft Corporation. - Pilote de cliché instantané du volume.) - [220.98 Ko] - (6.0.6002.18005) - C:\Windows\System32\drivers\volsnap.sys
[MD5.D8B4A53DD2769F226B3EB374374987C9] - [18/06/2008 13:49:13] - (.© Microsoft Corporation. - Volume Shadow Copy Driver.) - [222.55 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys
[MD5.147281C01FCB1DF9252DE2A10D5E7093] - [11/09/2009 16:06:51] - (.© Microsoft Corporation. - Volume Shadow Copy Driver.) - [220.98 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys
20:15:50
¤¤¤¤¤¤¤¤¤¤ | Processes stopped
MsMpEng.exe (1040) -> Process stopped !
Ati2evxx.exe (1128) -> Process stopped !
LVPrcSrv.exe (1200) -> Process stopped !
SLsvc.exe (1412) -> Process stopped !
spoolsv.exe (1828) -> Process stopped !
Ati2evxx.exe (1892) -> Process stopped !
armsvc.exe (560) -> Process stopped !
AppleMobileDeviceService.exe (1684) -> Process stopped !
taskeng.exe (576) -> Process stopped !
taskeng.exe (2092) -> Process stopped !
explorer.exe (2200) -> Process stopped !
mDNSResponder.exe (2240) -> Process stopped !
LSSrvc.exe (2292) -> Process stopped !
LVComSer.exe (2400) -> Process stopped !
mbamscheduler.exe (2464) -> Process stopped !
LVComSer.exe (2488) -> Process stopped !
mbamgui.exe (2668) -> Process stopped !
PRISMXL.SYS (2744) -> Process stopped !
SearchIndexer.exe (2908) -> Process stopped !
Communications_Helper.exe (3016) -> Process stopped !
Quickcam.exe (3064) -> Process stopped !
PWRISOVM.EXE (3204) -> Process stopped !
UMonit.exe (3256) -> Process stopped !
WUDFHost.exe (3276) -> Process stopped !
winampa.exe (3416) -> Process stopped !
SMSTray.exe (3636) -> Process stopped !
realsched.exe (2980) -> Process stopped !
jusched.exe (3120) -> Process stopped !
MOM.exe (2088) -> Process stopped !
msseces.exe (3452) -> Process stopped !
sidebar.exe (3616) -> Process stopped !
ehtray.exe (3680) -> Process stopped !
wmpnscfg.exe (2932) -> Process stopped !
erifbrgc.exe (3964) -> Process stopped !
mobsync.exe (3792) -> Process stopped !
ehmsas.exe (2428) -> Process stopped !
wmplayer.exe (3348) -> Process stopped !
wmpnetwk.exe (2160) -> Process stopped !
COCIManager.exe (4988) -> Process stopped !
CCC.exe (3192) -> Process stopped !
conime.exe (7528) -> Process stopped !
conime.exe (8016) -> Process stopped !
conime.exe (9276) -> Process stopped !
conime.exe (9400) -> Process stopped !
conime.exe (12768) -> Process stopped !
conime.exe (14176) -> Process stopped !
conime.exe (12492) -> Process stopped !
taskeng.exe (6768) -> Process stopped !
¤¤¤¤¤¤¤¤¤¤ | Running processes
Boot : Normal
[MD5.98AF15A94CD6AC37248E72E5FE789B35] - [11/09/2009 16:06:13] - 468 | C:\Windows\System32\smss.exe (.Microsoft Corporation - Windows Session Manager.) - (6.0.6002.18005) -> \SystemRoot\System32\smss.exe [64000 Ko]
[MD5.ABCA209EBA02CB59233614DB83B4F50D] - [18/06/2008 13:46:27] - 600 | C:\Windows\system32\csrss.exe (.Microsoft Corporation - Processus d'exécuttion client-serveur.) - (6.0.6001.18000) -> C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 [6144 Ko]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - [18/06/2008 13:48:25] - 664 | C:\Windows\system32\wininit.exe (.Microsoft Corporation - Application de démarrage de Windows.) - (6.0.6001.18000) -> wininit.exe [96768 Ko]
[MD5.ABCA209EBA02CB59233614DB83B4F50D] - [18/06/2008 13:46:27] - 676 | C:\Windows\system32\csrss.exe (.Microsoft Corporation - Processus d'exécuttion client-serveur.) - (6.0.6001.18000) -> C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 [6144 Ko]
[MD5.17FFE3A6642B5DE7E93DBC21E124FA19] - [11/09/2009 16:07:15] - 712 | C:\Windows\system32\services.exe (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.0.6002.18005) -> C:\Windows\system32\services.exe [279552 Ko]
[MD5.A3E186B4B935905B829219502557314E] - [16/01/2012 16:57:33] - 728 | C:\Windows\system32\lsass.exe (.Microsoft Corporation - Processus de l'autorité de sécurité locale.) - (6.0.6002.18541) -> C:\Windows\system32\lsass.exe [9728 Ko]
[MD5.7564348D8F099A4441C1A71875E104B5] - [18/06/2008 13:49:07] - 736 | C:\Windows\system32\lsm.exe (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.0.6001.18000) -> C:\Windows\system32\lsm.exe [229888 Ko]
[MD5.7A556AB2E204BF52993C0C56B61064C5] - [11/09/2009 16:06:57] - 852 | C:\Windows\system32\winlogon.exe (.Microsoft Corporation - Application d'ouverture de session Windows.) - (6.0.6002.18005) -> winlogon.exe [314368 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 920 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k DcomLaunch [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 984 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k rpcss [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 1148 | C:\Windows\System32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 1188 | C:\Windows\System32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 1316 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k netsvcs [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 1392 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k GPSvcGroup [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 1456 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k LocalService [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 1592 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k NetworkService [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 1856 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork [21504 Ko]
[MD5.BBA31B625E7B1BCAFE4A30387E9E8238] - [30/06/2007 17:55:26] - 1892 | C:\Windows\system32\Ati2evxx.exe (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - (6.14.10.4222) -> Ati2evxx.exe -Client [733184 Ko]
[MD5.AC0429539F33CEE12CD626CDCB5C9301] - [14/12/2010 22:54:39] - 2092 | C:\Windows\system32\taskeng.exe (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.0.6002.18342) -> taskeng.exe {3A23D013-942B-4679-A50D-C0DC598DFEE3} [171520 Ko]
[MD5.01DD1004181FD46ECDC3628228EB269D] - [11/09/2009 16:06:52] - 2128 | C:\Windows\system32\Dwm.exe (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.0.6002.18005) -> "C:\Windows\system32\Dwm.exe" [81920 Ko]
[MD5.1BCF1988220D69B48B41290351D4C847] - [20/07/2007 00:38:54] - 2488 | C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (.Logitech Inc. - Logitech Video COM Service.) - (1.0.1.2021) -> "C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe" /keymon [186904 Ko]
[MD5.5F72F7B89D2FFFF87786231DB9F92BCF] - [13/09/2012 17:01:02] - 2568 | C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (1.65.0.0) -> "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [676936 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 2700 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 2776 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k imgsvc [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 2820 | C:\Windows\System32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\System32\svchost.exe -k WerSvcGroup [21504 Ko]
[MD5.8274C87726D4561EE8750D883764ACC1] - [11/09/2009 16:06:08] - 888 | C:\Windows\system32\wbem\unsecapp.exe (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.0.6002.18005) -> C:\Windows\system32\wbem\unsecapp.exe -Embedding [37888 Ko]
[MD5.9E69F26034694A7FD5F1596A71F60DD1] - [11/09/2009 16:07:31] - 2652 | C:\Windows\system32\wbem\wmiprvse.exe (.Microsoft Corporation - WMI Provider Host.) - (6.0.6002.18005) -> C:\Windows\system32\wbem\wmiprvse.exe [247296 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 4524 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21504 Ko]
[MD5.AC0429539F33CEE12CD626CDCB5C9301] - [14/12/2010 22:54:39] - 6768 | C:\Windows\system32\taskeng.exe (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.0.6002.18342) -> taskeng.exe {532BB841-8449-4D3B-93E7-09FE084925AC} [171520 Ko]
[MD5.9E69F26034694A7FD5F1596A71F60DD1] - [11/09/2009 16:07:31] - 7020 | C:\Windows\system32\wbem\wmiprvse.exe (.Microsoft Corporation - WMI Provider Host.) - (6.0.6002.18005) -> C:\Windows\system32\wbem\wmiprvse.exe [247296 Ko]
[MD5.F150883C9D31A352A05362AFDF2F161C] - [21/09/2012 17:17:51] - 14608 | C:\Users\yannos\Desktop\winlogon.exe (. - g3n-h@ckm@n.) - (2.0.9.20) -> "C:\Users\yannos\Desktop\winlogon.exe" [1762422 Ko]
[MD5.BD8235468636C0336809E02870F6A9F4] - [18/06/2008 13:48:15] - 14704 | C:\Windows\system32\WUDFHost.exe (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l'infrastructure de pilotes en mode utilisateur.) - (6.0.6001.18000) -> "C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-463e8399-9f42-46fc-927b-469be53c320b -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-59a48917-b528-4b54-aa89-6a584a076bae -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-66266776-aefd-418f-9de0-d9821b2e0e08 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c33daea3-25b3-4745-bbf9-f5f56607ddd2 [142336 Ko]
[MD5.90DC23D940551DB35367FB1E40575B25] - [11/11/2010 12:26:40] - 14948 | c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (.Microsoft Corporation - Antimalware Service Executable.) - (3.0.8107.0) -> "c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe" [11736 Ko]
[MD5.6080A176D09435FC8E6E800996656E18] - [11/09/2009 16:06:17] - 14456 | C:\Windows\system32\conime.exe (.Microsoft Corporation - Console IME.) - (6.0.6002.18005) -> C:\Windows\system32\conime.exe [69120 Ko]
[MD5.701AAD2C6A028D1A53F15B904E78218A] - [11/09/2009 16:08:09] - 2632 | C:\Windows\system32\SearchIndexer.exe (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.6002.18005) -> C:\Windows\system32\SearchIndexer.exe /Embedding [441344 Ko]
[MD5.DEA3C2999A915F45B2F17A825226B80E] - [18/06/2008 13:48:38] - 4168 | C:\Program Files\Windows Media Player\wmpnetwk.exe (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (11.0.6001.7000) -> "C:\Program Files\Windows Media Player\wmpnetwk.exe" [896512 Ko]
[MD5.AC0429539F33CEE12CD626CDCB5C9301] - [14/12/2010 22:54:39] - 7280 | C:\Windows\system32\taskeng.exe (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.0.6002.18342) -> taskeng.exe {50F93F23-B2E2-4B81-8D6C-351D23CC042C} [171520 Ko]
[MD5.8554097E5136C3BF9F69FE578A1B35F4] - [16/09/2010 17:54:47] - 7740 | C:\Windows\System32\spoolsv.exe (.Microsoft Corporation - Application sous-système spouleur.) - (6.0.6002.18294) -> C:\Windows\System32\spoolsv.exe [128000 Ko]
[MD5.20F6F19FE9E753F2780DC2FA083AD597] - [25/05/2011 14:06:20] - 7040 | C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (.Apple Inc. - MobileDeviceService.) - (17.66.0.47) -> "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [37664 Ko]
[MD5.1DEBC8BCFDEFF1DC081B9C3D339681F0] - [11/09/2009 16:07:55] - 6160 | C:\Windows\system32\SearchProtocolHost.exe (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.6002.18005) -> "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" [185344 Ko]
[MD5.C9EE7FF225EAC1CB9C78C413667CDB80] - [11/09/2009 16:07:55] - 4416 | C:\Windows\system32\SearchFilterHost.exe (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.6002.18005) -> "C:\Windows\system32\SearchFilterHost.exe" 0 620 624 632 65536 628 [87552 Ko]
¤¤¤¤¤¤¤¤¤¤ | Winlogon
¤
[HKLM | Winlogon]|[Shell] : Explorer.exe
[HKLM | Winlogon]|[AutoRestartShell] : 0
[HKLM | Winlogon]|[userinit] : C:\Windows\system32\userinit.exe,
[HKLM | Winlogon]|[PowerDownAfterShutdown] : 0 -> 1
[HKLM | Winlogon]|[System] :
¤¤¤¤¤¤¤¤¤¤ | Associations
[.exe] : exefile
[exefile | command] : "%1" %*
[.com] : ComFile
[comfile | command] : "%1" %*
[.reg] : regfile
[regfile | command] : regedit.exe "%1"
[.scr] : scrfile
[scrfile | command] : "%1" /S
[.bat] : batfile
[batfile | command] : "%1" %*
[.cmd] : cmdfile
[cmdfile | command] : "%1" %*
[.pif] : piffile
[piffile | command] : "%1" %*
[.url] : InternetShortcut
[InternetShortcut | command] : "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l
[Application.Manifest | command] : rundll32.exe dfshim.dll,ShOpenVerbApplication %1
[Application.Reference | command] : rundll32.exe dfshim.dll,ShOpenVerbShortcut %1|%2
[Folder | command] : C:\Windows\explorer.exe
¤
[Firefox | Command] | @ : C:\Program Files\Mozilla Firefox\firefox.exe -> "C:\Program Files\Mozilla Firefox\Firefox.exe"
[Firefox - Safemode | Command] | @ : "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode
[IE | Command] | @ : "C:\Program Files\Internet Explorer\iexplore.exe"
[Applications | IE | Command] | @ : "C:\Program Files\Internet Explorer\iexplore.exe" %1
[Assoc | Applications] | @ : http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s -> http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s
¤¤¤¤¤¤¤¤¤¤ | Corrections diverses
[HKLM | Advanced\Folder\Hidden\SHOWALL]|[CheckedValue] : 1
[HKLM | CurrentVersion\Explorer]|[AlwaysUnloadDll] : -> 1
[HKU\S-1-5-19 | Desktop]|[Wallpaper] : C:\windows\Web\Wallpaper\img24.jpg
[HKU\S-1-5-20 | Desktop]|[Wallpaper] : C:\windows\Web\Wallpaper\img24.jpg
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Desktop]|[Wallpaper] : C:\Users\yannos\Pictures\Mes images\Mes images\300799_10150365221549411_567069410_8099136_1478819840_n.jpg
[HKU\S-1-5-18 | Desktop]|[Wallpaper] : (None)
[HKU\S-1-5-19 | Explorer\Advanced]|[Hidden] : -> 0
[HKU\S-1-5-20 | Explorer\Advanced]|[Hidden] : -> 0
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Explorer\Advanced]|[Hidden] : 2 -> 0
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000_Classes | Explorer\Advanced]|[Hidden] : -> 0
[HKU\S-1-5-18 | Explorer\Advanced]|[Hidden] : -> 0
[HKLM | Policies\System]|[DisableRegistryTools] : 0
[HKLM | Control\SafeBoot]|[AlternateShell] : cmd.exe
[HKLM | HideDesktopIcons\NewStartPanel]|[{9343812e-1c37-4a49-a12e-4b2d810d956b}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{20D04FE0-3AEA-1069-A2D8-08002B30309D}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{208D2C60-3AEA-1069-A2D7-08002B30309D}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{871C5380-42A0-1069-A2EA-08002B30309D}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{59031a47-3f72-44a7-89c5-5595fe6b30ee}] : 1 -> 0
20:15:54
¤¤¤¤¤¤¤¤¤¤ | SafeBoot | Control | Repair
[HKLM | Safeboot] -> OK
[HKLM | Safeboot\Minimal] -> OK
[HKLM | Safeboot\Network] -> OK
¤
[HKLM | Minimal\Base] : Driver Group -> OK
[HKLM | Minimal\Boot Bus Extender] : Driver Group -> OK
[HKLM | Minimal\Boot file system] : Driver Group -> OK
[HKLM | Minimal\File system] : Driver Group -> OK
[HKLM | Minimal\Filter] : Driver Group -> OK
[HKLM | Minimal\PCI Configuration] : Driver Group -> OK
[HKLM | Minimal\PNP Filter] : Driver Group -> OK
[HKLM | Minimal\Primary disk] : Driver Group -> OK
[HKLM | Minimal\SCSI Class] : Driver Group -> OK
[HKLM | Minimal\System Bus Extender] : Driver Group -> OK
[HKLM | Minimal\AppMgmt] : Service -> OK
[HKLM | Minimal\CryptSvc] : Service -> OK
[HKLM | Minimal\DcomLaunch] : Service -> OK
[HKLM | Minimal\dmadmin] : -> Service
[HKLM | Minimal\dmserver] : -> Service
[HKLM | Minimal\EventLog] : Service -> OK
[HKLM | Minimal\HelpSvc] : Service -> OK
[HKLM | Minimal\Netlogon] : Service -> OK
[HKLM | Minimal\PlugPlay] : Service -> OK
[HKLM | Minimal\RpcSs] : Service -> OK
[HKLM | Minimal\SRService] : -> Service
[HKLM | Minimal\vds] : Service -> OK
[HKLM | Minimal\WinMgmt] : Service -> OK
[HKLM | Minimal\dmboot.sys] : -> Driver
[HKLM | Minimal\dmio.sys] : -> Driver
[HKLM | Minimal\dmload.sys] : -> Driver
[HKLM | Minimal\sermouse.sys] : Driver -> OK
[HKLM | Minimal\vga.sys] : Driver -> OK
[HKLM | Minimal\vgasave.sys] : Driver -> OK
[HKLM | Minimal\sr.sys] : -> FSFilter System Recovery
[HKLM | Minimal\{36FC9E60-C465-11CF-8056-444553540000}] : Universal Serial Bus controllers -> OK
[HKLM | Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] : CD-ROM Drive -> OK
[HKLM | Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] : DiskDrive -> OK
[HKLM | Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] : Standard floppy disk controller -> OK
[HKLM | Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : Hdc -> OK
[HKLM | Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : Keyboard -> OK
[HKLM | Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : Mouse -> OK
[HKLM | Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] : PCMCIA Adapters -> OK
[HKLM | Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : SCSIAdapter -> OK
[HKLM | Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : System -> OK
[HKLM | Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] : Floppy disk drive -> OK
[HKLM | Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : Volume shadow copy -> OK
[HKLM | Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : Volume -> OK
[HKLM | Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : Human Interface Devices -> OK
¤
[HKLM | Network\Base] : Driver Group -> OK
[HKLM | Network\Boot Bus Extender] : Driver Group -> OK
[HKLM | Network\Boot file system] : Driver Group -> OK
[HKLM | Network\File system] : Driver Group -> OK
[HKLM | Network\Filter] : Driver Group -> OK
[HKLM | Network\NDIS] : Driver Group -> OK
[HKLM | Network\NDIS Wrapper] : Driver Group -> OK
[HKLM | Network\NetBIOSGroup] : Driver Group -> OK
[HKLM | Network\NetDDEGroup] : Driver Group -> OK
[HKLM | Network\Network] : Driver Group -> OK
[HKLM | Network\NetworkProvider] : Driver Group -> OK
[HKLM | Network\PCI Configuration] : Driver Group -> OK
[HKLM | Network\PNP Filter] : Driver Group -> OK
[HKLM | Network\PNP_TDI] : Driver Group -> OK
[HKLM | Network\Primary disk] : Driver Group -> OK
[HKLM | Network\SCSI Class] : Driver Group -> OK
[HKLM | Network\Streams Drivers] : Driver Group -> OK
[HKLM | Network\System Bus Extender] : Driver Group -> OK
[HKLM | Network\TDI] : Driver Group -> OK
[HKLM | Network\AFD] : Service -> OK
[HKLM | Network\AppMgmt] : Service -> OK
[HKLM | Network\Browser] : Service -> OK
[HKLM | Network\CryptSvc] : Service -> OK
[HKLM | Network\DcomLaunch] : Service -> OK
[HKLM | Network\Dhcp] : Service -> OK
[HKLM | Network\dmadmin] : -> Service
[HKLM | Network\dmserver] : -> Service
[HKLM | Network\DnsCache] : Service -> OK
[HKLM | Network\EventLog] : Service -> OK
[HKLM | Network\HelpSvc] : Service -> OK
[HKLM | Network\LanmanServer] : Service -> OK
[HKLM | Network\LanmanWorkstation] : Service -> OK
[HKLM | Network\LmHosts] : Service -> OK
[HKLM | Network\Messenger] : Service -> OK
[HKLM | Network\Ndisuio] : Service -> OK
[HKLM | Network\NetBIOS] : Service -> OK
[HKLM | Network\NetBT] : Service -> OK
[HKLM | Network\Netlogon] : Service -> OK
[HKLM | Network\NetMan] : Service -> OK
[HKLM | Network\NtLmSsp] : -> Service
[HKLM | Network\PlugPlay] : Service -> OK
[HKLM | Network\rdsessmgr] : Service -> OK
[HKLM | Network\RpcSs] : Service -> OK
[HKLM | Network\sharedaccess] : Service -> OK
[HKLM | Network\SRService] : -> Service
[HKLM | Network\Tcpip] : Service -> OK
[HKLM | Network\termservice] : -> Service
[HKLM | Network\vds] : Service -> OK
[HKLM | Network\WinMgmt] : Service -> OK
[HKLM | Network\Wlansvc] : Service -> OK
[HKLM | Network\dmboot.sys] : -> Driver
[HKLM | Network\dmio.sys] : -> Driver
[HKLM | Network\dmload.sys] : -> Driver
[HKLM | Network\ipnat.sys] : Driver -> OK
[HKLM | Network\ip6fw.sys] : -> Driver
[HKLM | Network\rdpcdd.sys] : -> Driver
[HKLM | Network\sr.sys] : -> FSFilter System Recovery
[HKLM | Network\{36FC9E60-C465-11CF-8056-444553540000}] : Universal Serial Bus controllers -> OK
[HKLM | Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] : CD-ROM Drive -> OK
[HKLM | Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] : DiskDrive -> OK
[HKLM | Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] : Standard floppy disk controller -> OK
[HKLM | Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : Hdc -> OK
[HKLM | Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : Keyboard -> OK
[HKLM | Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : Mouse -> OK
[HKLM | Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] : Net -> OK
[HKLM | Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] : NetClient -> OK
[HKLM | Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] : NetService -> OK
[HKLM | Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] : NetTrans -> OK
[HKLM | Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] : PCMCIA Adapters -> OK
[HKLM | Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : SCSIAdapter -> OK
[HKLM | Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : System -> OK
[HKLM | Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] : Floppy disk drive -> OK
[HKLM | Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : Volume -> OK
[HKLM | Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : Human Interface Devices -> OK
¤¤¤¤¤¤¤¤¤¤ | IFEO
¤¤¤¤¤¤¤¤¤¤ | Mountpoints2
¤¤¤¤¤¤¤¤¤¤ | Windows
[HKLM | Session Manager\SubSystems]|[Windows] : winsrv : %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[AppInit_DLLS] :
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[Programs] : com exe bat pif cmd
¤¤¤¤¤¤¤¤¤¤ | Security Center
[HKLM | Security Center]|[AntiVirusDisableNotify] : 0
[HKLM | Security Center]|[FirewallDisableNotify] : 0
[HKLM | Security Center]|[UpdatesDisableNotify] : 0
[HKLM | Security Center\svc]|[AntispywareOverride] : 0
[HKLM | Security Center\svc]|[AntiVirusOverride] : 0
[HKLM | Security Center\svc]|[FirewallOverride] : 0
[HKLM | FirewallPolicy\DomainProfile]|[DisableNotifications] : 0
[HKLM | FirewallPolicy\StandardProfile]|[DisableNotifications] : 0
¤¤¤¤¤¤¤¤¤¤ | Services Corrections
[Compbatt] : 4 -> 0 : Inactif
[RPCSS] : 2 : Actif
[Profsvc] : 2 : Actif
[PlugPlay] : 2 : Actif
[PEAUTH] : 2 : Actif
[Parvdm] : 2 : Actif
[nsi] : 2 : Actif
[NLASvc] : 2 : Actif
[MPSsvc] : 2 : Actif
[MMCSS] : 2 : Actif
[luafv] : 2 : Actif
[lltdio] : 2 : Actif
[Iphlpsvc] : 2 : Actif
[IKEEXT] : 2 : Actif
[gpsvc] : 2 : Actif
[lmhosts] : 2 : Actif
[LanmanWorkstation] : 2 : Actif
[LanmanServer] : 2 : Actif
[agp440] : 3 -> 2 : Inactif
[AudioEndpointBuilder] : 2 : Actif
[Audiosrv] : 2 : Actif
[BFE] : 2 : Actif
[Bits] : 3 -> 2 : Inactif
[CryptSvc] : 2 : Actif
[EapHost] : 3 -> 2 : Inactif
[Wlansvc] : 3 -> 2 : Inactif
[SharedAccess] : 2 : Inactif
[windefend] : 3 -> 2 : Inactif
[winmgmt] : 2 : Actif
[wuauserv] : 2 : Actif
[wudfsvc] : 2 : Actif
[WerSvc] : 2 : Actif
[wscsvc] : 2 : Actif
[Ndisuio] : 3 : Inactif
20:15:55
¤¤¤¤¤¤¤¤¤¤ | Internet Explorer
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Main]|[Start Page] : https://www.msn.com/fr-fr -> https://www.google.com/?gws_rd=ssl
[HKU\S-1-5-18 | Main]|[Start Page] : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> https://www.google.com/?gws_rd=ssl
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Main]|[Local Page] : C:\Windows\system32\blank.htm
[HKU\S-1-5-18 | Main]|[Search Page] : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
[HKLM | Search]|[SearchAssistant] : -> http://www.google.com/toolbar/ie8/sidebar.html
[HKLM | Main]|[Start Page] : https://www.msn.com/fr-fr -> https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main]|[Local Page] : C:\Windows\System32\blank.htm
[HKLM | Main]|[Default_Search_URL] : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
[HKLM | Main]|[Default_Page_URL] : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF -> https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main]|[Search Page] : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
[HKLM | AboutURLs]|[Tabs] : res://ieframe.dll/tabswelcome.htm
¤
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | PhishingFilter]|[Enabled] : 2
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | PhishingFilter]|[EnabledV8] : 1
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Internet settings]|[ProxyOverride] : *.local
[HKU\S-1-5-19 | Internet settings]|[EnableHttp1_1] : 1
[HKU\S-1-5-20 | Internet settings]|[EnableHttp1_1] : 1
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Internet settings]|[EnableHttp1_1] : 1
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Internet settings]|[MigrateProxy] : 1
[HKU\S-1-5-18 | Internet settings]|[MigrateProxy] : 1
[HKU\S-1-5-19 | Internet settings]|[AutoConfigProxy] : wininet.dll
[HKU\S-1-5-20 | Internet settings]|[AutoConfigProxy] : wininet.dll
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Internet settings]|[AutoConfigProxy] : wininet.dll
¤¤¤¤¤¤¤¤¤¤ | Firefox
Profile : sqt43kb3.default
user_pref("browser.download.dir", "C:\\Users\\yannos\\Tracing\\Downloads");
user_pref("browser.download.lastDir", "C:\\Users\\yannos\\Desktop");
user_pref("browser.startup.homepage_override.buildID", "20120905151427");
user_pref("browser.startup.homepage_override.mstone", "15.0.1");
line Deleted : user_pref("extensions.enabledItems", "{71328583-3CA7-4809-B4BA-570A85818FBB}:0.5b4,{3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20101113Wb1,{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07,{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15,{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21,{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23,{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1,{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26,HBLite@HBLite.com:11.0.0.0,{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}:15.0.4,wrc@avast.com:7.0.1466,ffxtlbr@babylon.com:1.2.0,{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0,{EEE6C361-6118-11DC-9C72-001320C79847}:1.5.0.2,gencrawler@some.com:2.6,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10");
¤¤¤¤¤¤¤¤¤¤ | Extensions | Plugins
C:\Users\yannos\AppData\Roaming\Mozilla\Firefox\Profiles\sqt43kb3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
C:\Users\yannos\AppData\Roaming\Mozilla\Firefox\Profiles\sqt43kb3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
C:\Users\yannos\AppData\Roaming\Mozilla\Firefox\Profiles\sqt43kb3.default\searchplugins\askcomsearch.xml
C:\Users\yannos\AppData\Roaming\Mozilla\Firefox\Profiles\sqt43kb3.default\searchplugins\bing.xml
C:\Program Files\Mozilla Firefox\extensions\realplayer@partners.mozilla.com
C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
C:\Program Files\Mozilla Firefox\searchplugins\google.xml
C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
¤¤¤¤¤¤¤¤¤¤ | DNS
[HKLM\SYSTEM\CCS | Tcpip\Parameters]|[DhcpNameServer] : 192.168.1.1
[HKLM\SYSTEM\ControlSet001 | Interfaces\{43CB6297-8F46-435E-9C59-4DED67A999A4}]|[DhcpNameServer] : 192.168.42.129
[HKLM\SYSTEM\ControlSet001 | Interfaces\{EBD095F4-2C29-4821-A1FE-C9DBFA915040}]|[DhcpNameServer] : 192.168.1.1
[HKLM\SYSTEM\ControlSet003 | Interfaces\{43CB6297-8F46-435E-9C59-4DED67A999A4}]|[DhcpNameServer] : 192.168.42.129
[HKLM\SYSTEM\ControlSet003 | Interfaces\{EBD095F4-2C29-4821-A1FE-C9DBFA915040}]|[DhcpNameServer] : 192.168.1.1
[HKLM\SYSTEM\CurrentControlSet | Interfaces\{43CB6297-8F46-435E-9C59-4DED67A999A4}]|[DhcpNameServer] : 192.168.42.129
[HKLM\SYSTEM\CurrentControlSet | Interfaces\{EBD095F4-2C29-4821-A1FE-C9DBFA915040}]|[DhcpNameServer] : 192.168.1.1
¤¤¤¤¤¤¤¤¤¤ | Hosts
C:\Windows\System32\Drivers\etc\hosts : Cleaned :)
¤¤¤¤¤¤¤¤¤¤ | Files | Folders | Registry
Quarantined and deleted Successfully : C:\$Recycle.bin\S-1-5-21-1170913042-1277233965-3038881231-1000\$IJJIC07.exe
Quarantined and deleted Successfully : C:\$Recycle.bin\S-1-5-21-1170913042-1277233965-3038881231-1000\$RJJIC07.exe
Quarantined and deleted Successfully : C:\Windows\flow.tmp
Impossible to move : C:\Windows\msdownld.tmp
Quarantined and deleted Successfully : C:\Windows\mozver.dat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\AdobeARM.log
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\chrome_installer.log
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\GoogleToolbarInstaller1.log
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\jusched.log
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\LVCOMSX.LOG
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\MSIcda76.LOG
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\{B6FE6EEC-7E78-4644-9BF5-A10199943D06}\fpb.tmp
Impossible to move : C:\Users\yannos\AppData\Local\Temp\~DF9E44.tmp
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\~DF9F9A.tmp
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\~DFBAF9.tmp
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\~DFFBF4.tmp
Quarantined and deleted Successfully : C:\Windows\Temp\LVCOMSX.LOG
Quarantined and deleted Successfully : C:\Windows\Temp\MpCmdRun.log
Quarantined and deleted Successfully : C:\Windows\Temp\MpSigStub.log
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Roaming\AVG7\l_000101.log
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Roaming\AVG7\l_000102.log
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Roaming\Azureus\restart.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\awaycyq.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\cikcaye.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\ecucaeu.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\eugkc.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\gimwk.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\gkays.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\iayao.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\igcqe.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\imaqeei.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\kgwqwco.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Lollipop\erifbrgc.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Lollipop\erifbrgc.exe
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Lollipop\lollipop.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Lollipop\mcbgdbb.exe
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Lollipop\mlkiogm.exe
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Lollipop\trxvei.exe
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\mqysuyo.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars\PokerStars.log.0
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars\PokerStarsUpdate.log.0
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars\PokerStarsUpdateE.log.0
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars\_update2.dat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars\_updcache.dat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\PokerStars.log.0
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\PokerStars.log.1
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\PokerStarsUpdate.log.0
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\PokerStarsUpdate.log.1
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\PokerStarsUpdateE.log.0
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\PokerStarsUpdateE.log.1
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\Stub.log.0
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\_update2.dat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\_updcache.dat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\qoyoi.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\siies.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\waausou.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\wagmyce.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\wwiqs.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\ysawk.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\microsoft\windows\WindowsUpdate.log
Quarantined and deleted Successfully : C:\ProgramData\avg7\AVG7QT.DAT
Quarantined and deleted Successfully : C:\ProgramData\ma-config.com\mcbase.db
Impossible to move : C:\ProgramData\ma-config.com
Quarantined and deleted Successfully : C:\Users\yannos\jagex_runescape_preferences.dat
Deleted : [HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Run]|[erifbrgc] : "c:\users\yannos\appdata\local\lollipop\erifbrgc.exe" erifbrgc
20:35:45
Impossible to move : C:\ProgramData\Installations
Impossible to move : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Install Manager
Impossible to move : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundDownloader
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Roaming\Microsoft\Windows\Start Menu\Installation du Contrôle Parental.lnk
Quarantined and deleted Successfully : C:\Users\yannos\Desktop\PONE - In my eyes 3.0.mp3
Quarantined and deleted Successfully : C:\Users\yannos\Desktop\SoundDownloader - Raccourci.lnk
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\d3d9caps.dat
Quarantined and deleted Successfully : |D| - C:\Windows\System32\%APPDATA%
¤¤¤¤¤¤¤¤¤¤ | quarantined at reboot
Not quarantined at Reboot : C:\Windows\msdownld.tmp
Not quarantined at Reboot : C:\Users\yannos\AppData\Local\Temp\~DF9E44.tmp
Not quarantined at Reboot : C:\ProgramData\ma-config.com
Not quarantined at Reboot : C:\ProgramData\Installations
Not quarantined at Reboot : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Install Manager
Not quarantined at Reboot : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundDownloader
Not quarantined at Reboot : C:\Users\yannos\Modèles\H
Not quarantined at Reboot : C:\Users\yannos\AppData\Roaming\Microsoft\Windows\Templates\H
¤¤¤¤¤
20:42:08
¤¤¤¤¤¤¤¤¤¤ | Listing Partition(s)
Disk: 0 Size=238G
Pos MBRndx Type/Name Size Active Hide Start Sector Sectors
--- ------ ---------- ---- ------ ---- ------------ ------------
0 1 07-NTFS 8.8G No No 63 17,928,477
1 0 07-NTFS 230G Yes No 17,928,540 470,463,525
¤¤¤¤¤¤¤¤¤¤ | MBR Control
MBR code signature : C9 6A F9 B0
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.0.6002 Disk: SAMSUNG_SP2504C rev.VT100-50 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
1 ntkrnlpa!IofCallDriver[8308E936] -> \Device\Harddisk0\DR0[85B14030]
3 CLASSPNP[885A68B3] -> ntkrnlpa!IofCallDriver[8308E936] -> [85B78918]
5 acpi[806106BC] -> ntkrnlpa!IofCallDriver[8308E936] -> \Device\Ide\IdeDeviceP0T0L0-0[85B05B98]
kernel: MBR read successfully
_asm { XOR DI, DI; MOV SS, DI; MOV SP, 7a00; MOV BX, 7a0; MOV DS, BX; MOV ES, BX; MOV SI, 200; MOV CX, SI; CLD ; REP MOVSB ; JMP FAR 7a0:a3; }
user & kernel MBR OK
20:42:24
[HKLM | Winlogon] | AutoRestartShell : 0 -> 1
¤¤¤¤¤¤¤¤¤¤ | Hidden files
~ [Disque d:] Folders : 1 | Files : 77 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 0 | Files : 77
~ [Disque C:] Folders : 1 | Files : 1 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 1 | Files : 1
~ [ProgramFiles] Folders : 1 | Files : 3 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 1 | Files : 3
~ [Utilisateurs] Folders : 2 | Files : 0 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 2 | Files : 0
~ [Music] Folders : 4 | Files : 4 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 4 | Files : 4
~ [Pictures] Folders : 1 | Files : 0 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 1 | Files : 0
~ [Videos] Folders : 0 | Files : 1 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 0 | Files : 1
~ [Downloads] Folders : 0 | Files : 0
~ [Desktop] Folders : 1 | Files : 3 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 1 | Files : 3
~ [Links] Folders : 0 | Files : 0
~ [Searches] Folders : 0 | Files : 2 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 0 | Files : 2
~ [Contacts] Folders : 9 | Files : 0 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 9 | Files : 0
~ [Saved_Games] Folders : 0 | Files : 0
~ [Favorites] Folders : 0 | Files : 0
~ [Documents] Folders : 4 | Files : 0 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 4 | Files : 0
~ [Windows] Folders : 62 | Files : 203 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 62 | Files : 203
~ [Start_Menu] Folders : 1 | Files : 0 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 1 | Files : 0
~ [Libraries] Folders : 0 | Files : 0
~ [quick launch] Folders : 0 | Files : 0
~ [AppData] Folders : 1 | Fil
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | 2.0920 | g3n-h@ckm@n & Saachaa | ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤
~ Update on 20/09/2012 | 23.55 by g3n-h@ckm@n
~ Informations | Evolution : https://gen-hackman.kanak.fr/
~ Informations for the switches Pre_Script : https://gen-hackman.kanak.fr/
~ Feedback Pre_scan : https://gen-hackman.kanak.fr/#505
~ Thx to C_XX , Slyk for their help for the evolution of the tool
~ User : yannos (Administrateurs) | SID = S-1-5-21-1170913042-1277233965-3038881231-1000
~ Computer : PC-DE-YANNOS
~ System : Windows Vista (TM) Home Premium (32 bits) HomePremium Service Pack 2
~ RegisteredOwner : yannos
~ RegisteredOrganization :
~ ProcessorNameString : AMD Athlon(tm) 64 X2 Dual Core Processor 5600+
~ Identifier : x86 Family 15 Model 67 Stepping 3
~ Mémory RAM = Total (KB) : 1832720 | Used (%) : 38 | Free (KB) : 1133510
~ Pagefile = Total (KB) : 3921470 | Free (KB) : 3105560
~ Virtual = Total (KB) : 2097020 | Free (KB) : 1921370
¤¤¤¤¤¤¤¤¤¤ | Boot's scripts
C:\Windows\Setup\Scripts\setupcomplete.cmd
¤¤¤¤¤¤¤¤¤¤ | Drives
c:\ -> [Fixed] | [Systeme] | Total : 229720 Mo | Free : 30830 Mo -> NTFS
d:\ -> [Fixed] | [RECOVERY] | Total : 8750 Mo | Free : 4470 Mo -> NTFS
Scan : 20:14:11 | 21/09/2012
¤¤¤¤¤¤¤¤¤¤ | Windows Updates
Last(s) détection(s) : 2012-09-20 12:23:45
Last(s) download(s) : 2012-09-19 14:47:22
Last(s) installation(s) : 2012-09-19 14:53:56
Next search : 2012-09-21 19:59:16
~ C:\Windows\system32\config\systemprofile
~ C:\Windows\ServiceProfiles\LocalService
~ C:\Windows\ServiceProfiles\NetworkService
~ C:\Users\yannos
~ C:\Users\Mcx1
New restorepoint created
¤¤¤¤¤¤¤¤¤¤ | MD5 Control
[MD5.F42035F832413D6BCC40EA3B636E2907] - [21/09/2012 20:14:12] - [0.5 Ko] - C:\Pre_Scan\MBR.bin
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - [11/09/2009 16:07:44] - (.© Microsoft Corporation. - Explorateur Windows.) - [2858 Ko] - (6.0.6002.18005) - C:\Windows\explorer.exe
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - [14/09/2012 17:29:02] - (.© Microsoft Corporation. - Explorateur Windows.) - [2858 Ko] - (6.0.6002.18005) - C:\Windows\erdnt\cache\explorer.exe
[MD5.FD8C53FB002217F6F888BCF6F5D7084D] - [02/11/2006 10:47:18] - (.© Microsoft Corporation. - Explorateur Windows.) - [2855 Ko] - (6.0.6000.16386) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[MD5.6D06CD98D954FE87FB2DB8108793B399] - [12/12/2007 13:41:18] - (.© Microsoft Corporation. - Explorateur Windows.) - [2855 Ko] - (6.0.6000.16549) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[MD5.37440D09DEAE0B672A04DCCF7ABF06BE] - [12/12/2008 18:40:51] - (.© Microsoft Corporation. - Explorateur Windows.) - [2855 Ko] - (6.0.6000.16771) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[MD5.BD06F0BF753BC704B653C3A50F89D362] - [12/12/2007 13:41:17] - (.© Microsoft Corporation. - Explorateur Windows.) - [2855 Ko] - (6.0.6000.20668) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[MD5.E7156B0B74762D9DE0E66BDCDE06E5FB] - [12/12/2008 18:40:51] - (.© Microsoft Corporation. - Explorateur Windows.) - [2855 Ko] - (6.0.6000.20947) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[MD5.FFA764631CB70A30065C12EF8E174F9F] - [18/06/2008 13:49:09] - (.© Microsoft Corporation. - Explorateur Windows.) - [2858.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
[MD5.4F554999D7D5F05DAAEBBA7B5BA1089D] - [12/12/2008 18:40:52] - (.© Microsoft Corporation. - Explorateur Windows.) - [2858.5 Ko] - (6.0.6001.18164) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[MD5.50BA5850147410CDE89C523AD3BC606E] - [12/12/2008 18:40:52] - (.© Microsoft Corporation. - Explorateur Windows.) - [2859 Ko] - (6.0.6001.22298) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - [11/09/2009 16:07:44] - (.© Microsoft Corporation. - Explorateur Windows.) - [2858 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[MD5.ABCA209EBA02CB59233614DB83B4F50D] - [18/06/2008 13:46:27] - (.© Microsoft Corporation. - Processus d'exécuttion client-serveur.) - [6 Ko] - (6.0.6001.18000) - C:\Windows\System32\csrss.exe
[MD5.117B7C8A8B026A5DCE5E3180ED05E823] - [02/11/2006 10:33:03] - (.© Microsoft Corporation. - Processus d'exécuttion client-serveur.) - [7.5 Ko] - (6.0.6000.16386) - C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6000.16386_none_56ad21dbe72a9d78\csrss.exe
[MD5.ABCA209EBA02CB59233614DB83B4F50D] - [18/06/2008 13:46:27] - (.© Microsoft Corporation. - Client Server Runtime Process.) - [6 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe
[MD5.D4E6D91C1349B7BFB3599A6ADA56851B] - [14/09/2012 17:29:01] - (.© Microsoft Corporation. - Applications Services et Contrôleur.) - [273 Ko] - (6.0.6002.18005) - C:\Windows\erdnt\cache\services.exe
[MD5.D4E6D91C1349B7BFB3599A6ADA56851B] - [11/09/2009 16:07:15] - (.© Microsoft Corporation. - Applications Services et Contrôleur.) - [273 Ko] - (6.0.6002.18005) - C:\Windows\System32\services.exe
[MD5.329CF3C97CE4C19375C8ABCABAE258B0] - [02/11/2006 10:35:31] - (.© Microsoft Corporation. - Applications Services et Contrôleur.) - [273 Ko] - (6.0.6000.16386) - C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe
[MD5.2B336AB6286D6C81FA02CBAB914E3C6C] - [18/06/2008 13:48:36] - (.© Microsoft Corporation. - Applications Services et Contrôleur.) - [272.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[MD5.D4E6D91C1349B7BFB3599A6ADA56851B] - [11/09/2009 16:07:15] - (.© Microsoft Corporation. - Applications Services et Contrôleur.) - [273 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[MD5.98AF15A94CD6AC37248E72E5FE789B35] - [11/09/2009 16:06:13] - (.© Microsoft Corporation. - Windows Session Manager.) - [62.5 Ko] - (6.0.6002.18005) - C:\Windows\System32\smss.exe
[MD5.CAA75757BB3695478C23CB0624342A61] - [02/11/2006 10:33:05] - (.© Microsoft Corporation. - Windows Session Manager.) - [61.5 Ko] - (6.0.6000.16386) - C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe
[MD5.6701DDAF68BEDE6BBEEA9D514D73A35B] - [18/06/2008 13:47:49] - (.© Microsoft Corporation. - Windows Session Manager.) - [62.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[MD5.98AF15A94CD6AC37248E72E5FE789B35] - [11/09/2009 16:06:13] - (.© Microsoft Corporation. - Windows Session Manager.) - [62.5 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[MD5.0E135526E9785D085BCD9AEDE6FBCBF9] - [14/09/2012 17:29:02] - (.© Microsoft Corporation. - Application d'ouverture de session Userinit.) - [24.5 Ko] - (6.0.6001.18000) - C:\Windows\erdnt\cache\userinit.exe
[MD5.0E135526E9785D085BCD9AEDE6FBCBF9] - [18/06/2008 13:46:58] - (.© Microsoft Corporation. - Application d'ouverture de session Userinit.) - [24.5 Ko] - (6.0.6001.18000) - C:\Windows\System32\userinit.exe
[MD5.22027835939F86C3E47AD8E3FBDE3D11] - [02/11/2006 10:43:52] - (.© Microsoft Corporation. - Application d'ouverture de session Userinit.) - [24 Ko] - (6.0.6000.16386) - C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
[MD5.0E135526E9785D085BCD9AEDE6FBCBF9] - [18/06/2008 13:46:58] - (.© Microsoft Corporation. - Application d'ouverture de session Userinit.) - [24.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - [14/09/2012 17:29:03] - (.© Microsoft Corporation. - Application de démarrage de Windows.) - [94.5 Ko] - (6.0.6001.18000) - C:\Windows\erdnt\cache\wininit.exe
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - [18/06/2008 13:48:25] - (.© Microsoft Corporation. - Application de démarrage de Windows.) - [94.5 Ko] - (6.0.6001.18000) - C:\Windows\System32\wininit.exe
[MD5.D4385B03E8CCCEE6F0EE249F827C1F3E] - [02/11/2006 10:44:42] - (.© Microsoft Corporation. - Application de démarrage de Windows.) - [93.5 Ko] - (6.0.6000.16386) - C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - [18/06/2008 13:48:25] - (.© Microsoft Corporation. - Application de démarrage de Windows.) - [94.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[MD5.898E7C06A350D4A1A64A9EA264D55452] - [14/09/2012 17:29:01] - (.© Microsoft Corporation. - Application d'ouverture de session Windows.) - [307 Ko] - (6.0.6002.18005) - C:\Windows\erdnt\cache\winlogon.exe
[MD5.898E7C06A350D4A1A64A9EA264D55452] - [11/09/2009 16:06:57] - (.© Microsoft Corporation. - Application d'ouverture de session Windows.) - [307 Ko] - (6.0.6002.18005) - C:\Windows\System32\winlogon.exe
[MD5.9F75392B9128A91ABAFB044EA350BAAD] - [02/11/2006 10:44:42] - (.© Microsoft Corporation. - Windows Logon Application.) - [301 Ko] - (6.0.6000.16386) - C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[MD5.C2610B6BDBEFC053BBDAB4F1B965CB24] - [18/06/2008 13:48:45] - (.© Microsoft Corporation. - Application d'ouverture de session Windows.) - [307.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[MD5.898E7C06A350D4A1A64A9EA264D55452] - [11/09/2009 16:06:57] - (.© Microsoft Corporation. - Application d'ouverture de session Windows.) - [307 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[MD5.3911B972B55FEA0478476B2E777B29FA] - [17/06/2011 18:50:55] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [267 Ko] - (6.0.6002.18457) - C:\Windows\System32\drivers\afd.sys
[MD5.5D24CAF8EFD924A875698FF28384DB8B] - [02/11/2006 10:58:43] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [264 Ko] - (6.0.6000.16386) - C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6000.16386_none_d5b1809661820e7c\afd.sys
[MD5.763E172A55177E478CB419F88FD0BA03] - [18/06/2008 13:48:43] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [267.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18000_none_d7e842925e6d1f50\afd.sys
[MD5.48EB99503533C27AC6135648E5474457] - [17/06/2011 18:50:54] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [267 Ko] - (6.0.6001.18639) - C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18639_none_d7d0e0cc5e7d461c\afd.sys
[MD5.C8AF25017CECB75906A571AC70D2D306] - [17/06/2011 18:50:55] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [267.5 Ko] - (6.0.6001.22905) - C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.22905_none_d876efff77862705\afd.sys
[MD5.A201207363AA900ABF1A388468688570] - [11/09/2009 16:06:17] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [267.5 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18005_none_d9d3bb9e5b8eea9c\afd.sys
[MD5.3911B972B55FEA0478476B2E777B29FA] - [17/06/2011 18:50:55] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [267 Ko] - (6.0.6002.18457) - C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18457_none_d99fb42e5bb59d9b\afd.sys
[MD5.70EE0FC7A0F384DBD929A01384AEEB4B] - [17/06/2011 18:50:55] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [267.5 Ko] - (6.0.6002.22629) - C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.22629_none_da4bc33774b91967\afd.sys
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - [14/09/2012 17:29:01] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [19.48 Ko] - (6.0.6002.18005) - C:\Windows\erdnt\cache\atapi.sys
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - [11/09/2009 16:06:48] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [19.48 Ko] - (6.0.6002.18005) - C:\Windows\System32\drivers\atapi.sys
[MD5.2D9C903DC76A66813D350A562DE40ED9] - [18/06/2008 13:47:45] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [21.05 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - [11/09/2009 16:06:48] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [19.48 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[MD5.6B4BFFB9BECD728097024276430DB314] - [11/09/2009 16:06:03] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [65.5 Ko] - (6.0.6002.18005) - C:\Windows\System32\drivers\cdrom.sys
[MD5.1EC25CEA0DE6AC4718BF89F9E1778B57] - [18/06/2008 13:46:32] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [65.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[MD5.6B4BFFB9BECD728097024276430DB314] - [11/09/2009 16:06:03] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [65.5 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - [11/09/2009 16:06:47] - (.© Microsoft Corporation. - MBT Transport driver.) - [181.5 Ko] - (6.0.6002.18005) - C:\Windows\System32\drivers\netbt.sys
[MD5.E3A168912E7EEFC3BD3B814720D68B41] - [02/11/2006 10:57:20] - (.© Microsoft Corporation. - MBT Transport driver.) - [180 Ko] - (6.0.6000.16386) - C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.0.6000.16386_none_5e2e0665fa591691\netbt.sys
[MD5.7C5FEE5B1C5728507CD96FB4A13E7A02] - [18/06/2008 13:47:31] - (.© Microsoft Corporation. - MBT Transport driver.) - [180 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.0.6001.18000_none_6064c861f7442765\netbt.sys
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - [11/09/2009 16:06:47] - (.© Microsoft Corporation. - MBT Transport driver.) - [181.5 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.0.6002.18005_none_6250416df465f2b1\netbt.sys
[MD5.76B06EB8A01FC8624D699E7045303E54] - [14/09/2012 17:29:01] - (.© Microsoft Corporation. - TDI Translation Driver.) - [70.5 Ko] - (6.0.6002.18005) - C:\Windows\erdnt\cache\tdx.sys
[MD5.76B06EB8A01FC8624D699E7045303E54] - [11/09/2009 16:06:15] - (.© Microsoft Corporation. - TDI Translation Driver.) - [70.5 Ko] - (6.0.6002.18005) - C:\Windows\System32\drivers\tdx.sys
[MD5.AB4FDE8AF4A0270A46A001C08CBCE1C2] - [02/11/2006 10:57:35] - (.© Microsoft Corporation. - TDI Translation Driver.) - [66.5 Ko] - (6.0.6000.16386) - C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6000.16386_none_e807064fdf2a97e3\tdx.sys
[MD5.D09276B1FAB033CE1D40DCBDF303D10F] - [18/06/2008 13:47:58] - (.© Microsoft Corporation. - TDI Translation Driver.) - [70 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_ea3dc84bdc15a8b7\tdx.sys
[MD5.76B06EB8A01FC8624D699E7045303E54] - [11/09/2009 16:06:15] - (.© Microsoft Corporation. - TDI Translation Driver.) - [70.5 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_ec294157d9377403\tdx.sys
[MD5.147281C01FCB1DF9252DE2A10D5E7093] - [11/09/2009 16:06:51] - (.© Microsoft Corporation. - Pilote de cliché instantané du volume.) - [220.98 Ko] - (6.0.6002.18005) - C:\Windows\System32\drivers\volsnap.sys
[MD5.D8B4A53DD2769F226B3EB374374987C9] - [18/06/2008 13:49:13] - (.© Microsoft Corporation. - Volume Shadow Copy Driver.) - [222.55 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys
[MD5.147281C01FCB1DF9252DE2A10D5E7093] - [11/09/2009 16:06:51] - (.© Microsoft Corporation. - Volume Shadow Copy Driver.) - [220.98 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys
20:15:50
¤¤¤¤¤¤¤¤¤¤ | Processes stopped
MsMpEng.exe (1040) -> Process stopped !
Ati2evxx.exe (1128) -> Process stopped !
LVPrcSrv.exe (1200) -> Process stopped !
SLsvc.exe (1412) -> Process stopped !
spoolsv.exe (1828) -> Process stopped !
Ati2evxx.exe (1892) -> Process stopped !
armsvc.exe (560) -> Process stopped !
AppleMobileDeviceService.exe (1684) -> Process stopped !
taskeng.exe (576) -> Process stopped !
taskeng.exe (2092) -> Process stopped !
explorer.exe (2200) -> Process stopped !
mDNSResponder.exe (2240) -> Process stopped !
LSSrvc.exe (2292) -> Process stopped !
LVComSer.exe (2400) -> Process stopped !
mbamscheduler.exe (2464) -> Process stopped !
LVComSer.exe (2488) -> Process stopped !
mbamgui.exe (2668) -> Process stopped !
PRISMXL.SYS (2744) -> Process stopped !
SearchIndexer.exe (2908) -> Process stopped !
Communications_Helper.exe (3016) -> Process stopped !
Quickcam.exe (3064) -> Process stopped !
PWRISOVM.EXE (3204) -> Process stopped !
UMonit.exe (3256) -> Process stopped !
WUDFHost.exe (3276) -> Process stopped !
winampa.exe (3416) -> Process stopped !
SMSTray.exe (3636) -> Process stopped !
realsched.exe (2980) -> Process stopped !
jusched.exe (3120) -> Process stopped !
MOM.exe (2088) -> Process stopped !
msseces.exe (3452) -> Process stopped !
sidebar.exe (3616) -> Process stopped !
ehtray.exe (3680) -> Process stopped !
wmpnscfg.exe (2932) -> Process stopped !
erifbrgc.exe (3964) -> Process stopped !
mobsync.exe (3792) -> Process stopped !
ehmsas.exe (2428) -> Process stopped !
wmplayer.exe (3348) -> Process stopped !
wmpnetwk.exe (2160) -> Process stopped !
COCIManager.exe (4988) -> Process stopped !
CCC.exe (3192) -> Process stopped !
conime.exe (7528) -> Process stopped !
conime.exe (8016) -> Process stopped !
conime.exe (9276) -> Process stopped !
conime.exe (9400) -> Process stopped !
conime.exe (12768) -> Process stopped !
conime.exe (14176) -> Process stopped !
conime.exe (12492) -> Process stopped !
taskeng.exe (6768) -> Process stopped !
¤¤¤¤¤¤¤¤¤¤ | Running processes
Boot : Normal
[MD5.98AF15A94CD6AC37248E72E5FE789B35] - [11/09/2009 16:06:13] - 468 | C:\Windows\System32\smss.exe (.Microsoft Corporation - Windows Session Manager.) - (6.0.6002.18005) -> \SystemRoot\System32\smss.exe [64000 Ko]
[MD5.ABCA209EBA02CB59233614DB83B4F50D] - [18/06/2008 13:46:27] - 600 | C:\Windows\system32\csrss.exe (.Microsoft Corporation - Processus d'exécuttion client-serveur.) - (6.0.6001.18000) -> C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 [6144 Ko]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - [18/06/2008 13:48:25] - 664 | C:\Windows\system32\wininit.exe (.Microsoft Corporation - Application de démarrage de Windows.) - (6.0.6001.18000) -> wininit.exe [96768 Ko]
[MD5.ABCA209EBA02CB59233614DB83B4F50D] - [18/06/2008 13:46:27] - 676 | C:\Windows\system32\csrss.exe (.Microsoft Corporation - Processus d'exécuttion client-serveur.) - (6.0.6001.18000) -> C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 [6144 Ko]
[MD5.17FFE3A6642B5DE7E93DBC21E124FA19] - [11/09/2009 16:07:15] - 712 | C:\Windows\system32\services.exe (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.0.6002.18005) -> C:\Windows\system32\services.exe [279552 Ko]
[MD5.A3E186B4B935905B829219502557314E] - [16/01/2012 16:57:33] - 728 | C:\Windows\system32\lsass.exe (.Microsoft Corporation - Processus de l'autorité de sécurité locale.) - (6.0.6002.18541) -> C:\Windows\system32\lsass.exe [9728 Ko]
[MD5.7564348D8F099A4441C1A71875E104B5] - [18/06/2008 13:49:07] - 736 | C:\Windows\system32\lsm.exe (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.0.6001.18000) -> C:\Windows\system32\lsm.exe [229888 Ko]
[MD5.7A556AB2E204BF52993C0C56B61064C5] - [11/09/2009 16:06:57] - 852 | C:\Windows\system32\winlogon.exe (.Microsoft Corporation - Application d'ouverture de session Windows.) - (6.0.6002.18005) -> winlogon.exe [314368 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 920 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k DcomLaunch [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 984 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k rpcss [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 1148 | C:\Windows\System32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 1188 | C:\Windows\System32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 1316 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k netsvcs [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 1392 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k GPSvcGroup [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 1456 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k LocalService [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 1592 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k NetworkService [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 1856 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork [21504 Ko]
[MD5.BBA31B625E7B1BCAFE4A30387E9E8238] - [30/06/2007 17:55:26] - 1892 | C:\Windows\system32\Ati2evxx.exe (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - (6.14.10.4222) -> Ati2evxx.exe -Client [733184 Ko]
[MD5.AC0429539F33CEE12CD626CDCB5C9301] - [14/12/2010 22:54:39] - 2092 | C:\Windows\system32\taskeng.exe (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.0.6002.18342) -> taskeng.exe {3A23D013-942B-4679-A50D-C0DC598DFEE3} [171520 Ko]
[MD5.01DD1004181FD46ECDC3628228EB269D] - [11/09/2009 16:06:52] - 2128 | C:\Windows\system32\Dwm.exe (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.0.6002.18005) -> "C:\Windows\system32\Dwm.exe" [81920 Ko]
[MD5.1BCF1988220D69B48B41290351D4C847] - [20/07/2007 00:38:54] - 2488 | C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (.Logitech Inc. - Logitech Video COM Service.) - (1.0.1.2021) -> "C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe" /keymon [186904 Ko]
[MD5.5F72F7B89D2FFFF87786231DB9F92BCF] - [13/09/2012 17:01:02] - 2568 | C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (1.65.0.0) -> "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [676936 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 2700 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 2776 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k imgsvc [21504 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 2820 | C:\Windows\System32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\System32\svchost.exe -k WerSvcGroup [21504 Ko]
[MD5.8274C87726D4561EE8750D883764ACC1] - [11/09/2009 16:06:08] - 888 | C:\Windows\system32\wbem\unsecapp.exe (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.0.6002.18005) -> C:\Windows\system32\wbem\unsecapp.exe -Embedding [37888 Ko]
[MD5.9E69F26034694A7FD5F1596A71F60DD1] - [11/09/2009 16:07:31] - 2652 | C:\Windows\system32\wbem\wmiprvse.exe (.Microsoft Corporation - WMI Provider Host.) - (6.0.6002.18005) -> C:\Windows\system32\wbem\wmiprvse.exe [247296 Ko]
[MD5.3794B461C45882E06856F282EEF025AF] - [18/06/2008 13:47:10] - 4524 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.0.6001.18000) -> C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21504 Ko]
[MD5.AC0429539F33CEE12CD626CDCB5C9301] - [14/12/2010 22:54:39] - 6768 | C:\Windows\system32\taskeng.exe (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.0.6002.18342) -> taskeng.exe {532BB841-8449-4D3B-93E7-09FE084925AC} [171520 Ko]
[MD5.9E69F26034694A7FD5F1596A71F60DD1] - [11/09/2009 16:07:31] - 7020 | C:\Windows\system32\wbem\wmiprvse.exe (.Microsoft Corporation - WMI Provider Host.) - (6.0.6002.18005) -> C:\Windows\system32\wbem\wmiprvse.exe [247296 Ko]
[MD5.F150883C9D31A352A05362AFDF2F161C] - [21/09/2012 17:17:51] - 14608 | C:\Users\yannos\Desktop\winlogon.exe (. - g3n-h@ckm@n.) - (2.0.9.20) -> "C:\Users\yannos\Desktop\winlogon.exe" [1762422 Ko]
[MD5.BD8235468636C0336809E02870F6A9F4] - [18/06/2008 13:48:15] - 14704 | C:\Windows\system32\WUDFHost.exe (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l'infrastructure de pilotes en mode utilisateur.) - (6.0.6001.18000) -> "C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-463e8399-9f42-46fc-927b-469be53c320b -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-59a48917-b528-4b54-aa89-6a584a076bae -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-66266776-aefd-418f-9de0-d9821b2e0e08 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c33daea3-25b3-4745-bbf9-f5f56607ddd2 [142336 Ko]
[MD5.90DC23D940551DB35367FB1E40575B25] - [11/11/2010 12:26:40] - 14948 | c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (.Microsoft Corporation - Antimalware Service Executable.) - (3.0.8107.0) -> "c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe" [11736 Ko]
[MD5.6080A176D09435FC8E6E800996656E18] - [11/09/2009 16:06:17] - 14456 | C:\Windows\system32\conime.exe (.Microsoft Corporation - Console IME.) - (6.0.6002.18005) -> C:\Windows\system32\conime.exe [69120 Ko]
[MD5.701AAD2C6A028D1A53F15B904E78218A] - [11/09/2009 16:08:09] - 2632 | C:\Windows\system32\SearchIndexer.exe (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.6002.18005) -> C:\Windows\system32\SearchIndexer.exe /Embedding [441344 Ko]
[MD5.DEA3C2999A915F45B2F17A825226B80E] - [18/06/2008 13:48:38] - 4168 | C:\Program Files\Windows Media Player\wmpnetwk.exe (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (11.0.6001.7000) -> "C:\Program Files\Windows Media Player\wmpnetwk.exe" [896512 Ko]
[MD5.AC0429539F33CEE12CD626CDCB5C9301] - [14/12/2010 22:54:39] - 7280 | C:\Windows\system32\taskeng.exe (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.0.6002.18342) -> taskeng.exe {50F93F23-B2E2-4B81-8D6C-351D23CC042C} [171520 Ko]
[MD5.8554097E5136C3BF9F69FE578A1B35F4] - [16/09/2010 17:54:47] - 7740 | C:\Windows\System32\spoolsv.exe (.Microsoft Corporation - Application sous-système spouleur.) - (6.0.6002.18294) -> C:\Windows\System32\spoolsv.exe [128000 Ko]
[MD5.20F6F19FE9E753F2780DC2FA083AD597] - [25/05/2011 14:06:20] - 7040 | C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (.Apple Inc. - MobileDeviceService.) - (17.66.0.47) -> "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [37664 Ko]
[MD5.1DEBC8BCFDEFF1DC081B9C3D339681F0] - [11/09/2009 16:07:55] - 6160 | C:\Windows\system32\SearchProtocolHost.exe (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.6002.18005) -> "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" [185344 Ko]
[MD5.C9EE7FF225EAC1CB9C78C413667CDB80] - [11/09/2009 16:07:55] - 4416 | C:\Windows\system32\SearchFilterHost.exe (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.6002.18005) -> "C:\Windows\system32\SearchFilterHost.exe" 0 620 624 632 65536 628 [87552 Ko]
¤¤¤¤¤¤¤¤¤¤ | Winlogon
¤
[HKLM | Winlogon]|[Shell] : Explorer.exe
[HKLM | Winlogon]|[AutoRestartShell] : 0
[HKLM | Winlogon]|[userinit] : C:\Windows\system32\userinit.exe,
[HKLM | Winlogon]|[PowerDownAfterShutdown] : 0 -> 1
[HKLM | Winlogon]|[System] :
¤¤¤¤¤¤¤¤¤¤ | Associations
[.exe] : exefile
[exefile | command] : "%1" %*
[.com] : ComFile
[comfile | command] : "%1" %*
[.reg] : regfile
[regfile | command] : regedit.exe "%1"
[.scr] : scrfile
[scrfile | command] : "%1" /S
[.bat] : batfile
[batfile | command] : "%1" %*
[.cmd] : cmdfile
[cmdfile | command] : "%1" %*
[.pif] : piffile
[piffile | command] : "%1" %*
[.url] : InternetShortcut
[InternetShortcut | command] : "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l
[Application.Manifest | command] : rundll32.exe dfshim.dll,ShOpenVerbApplication %1
[Application.Reference | command] : rundll32.exe dfshim.dll,ShOpenVerbShortcut %1|%2
[Folder | command] : C:\Windows\explorer.exe
¤
[Firefox | Command] | @ : C:\Program Files\Mozilla Firefox\firefox.exe -> "C:\Program Files\Mozilla Firefox\Firefox.exe"
[Firefox - Safemode | Command] | @ : "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode
[IE | Command] | @ : "C:\Program Files\Internet Explorer\iexplore.exe"
[Applications | IE | Command] | @ : "C:\Program Files\Internet Explorer\iexplore.exe" %1
[Assoc | Applications] | @ : http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s -> http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s
¤¤¤¤¤¤¤¤¤¤ | Corrections diverses
[HKLM | Advanced\Folder\Hidden\SHOWALL]|[CheckedValue] : 1
[HKLM | CurrentVersion\Explorer]|[AlwaysUnloadDll] : -> 1
[HKU\S-1-5-19 | Desktop]|[Wallpaper] : C:\windows\Web\Wallpaper\img24.jpg
[HKU\S-1-5-20 | Desktop]|[Wallpaper] : C:\windows\Web\Wallpaper\img24.jpg
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Desktop]|[Wallpaper] : C:\Users\yannos\Pictures\Mes images\Mes images\300799_10150365221549411_567069410_8099136_1478819840_n.jpg
[HKU\S-1-5-18 | Desktop]|[Wallpaper] : (None)
[HKU\S-1-5-19 | Explorer\Advanced]|[Hidden] : -> 0
[HKU\S-1-5-20 | Explorer\Advanced]|[Hidden] : -> 0
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Explorer\Advanced]|[Hidden] : 2 -> 0
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000_Classes | Explorer\Advanced]|[Hidden] : -> 0
[HKU\S-1-5-18 | Explorer\Advanced]|[Hidden] : -> 0
[HKLM | Policies\System]|[DisableRegistryTools] : 0
[HKLM | Control\SafeBoot]|[AlternateShell] : cmd.exe
[HKLM | HideDesktopIcons\NewStartPanel]|[{9343812e-1c37-4a49-a12e-4b2d810d956b}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{20D04FE0-3AEA-1069-A2D8-08002B30309D}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{208D2C60-3AEA-1069-A2D7-08002B30309D}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{871C5380-42A0-1069-A2EA-08002B30309D}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{59031a47-3f72-44a7-89c5-5595fe6b30ee}] : 1 -> 0
20:15:54
¤¤¤¤¤¤¤¤¤¤ | SafeBoot | Control | Repair
[HKLM | Safeboot] -> OK
[HKLM | Safeboot\Minimal] -> OK
[HKLM | Safeboot\Network] -> OK
¤
[HKLM | Minimal\Base] : Driver Group -> OK
[HKLM | Minimal\Boot Bus Extender] : Driver Group -> OK
[HKLM | Minimal\Boot file system] : Driver Group -> OK
[HKLM | Minimal\File system] : Driver Group -> OK
[HKLM | Minimal\Filter] : Driver Group -> OK
[HKLM | Minimal\PCI Configuration] : Driver Group -> OK
[HKLM | Minimal\PNP Filter] : Driver Group -> OK
[HKLM | Minimal\Primary disk] : Driver Group -> OK
[HKLM | Minimal\SCSI Class] : Driver Group -> OK
[HKLM | Minimal\System Bus Extender] : Driver Group -> OK
[HKLM | Minimal\AppMgmt] : Service -> OK
[HKLM | Minimal\CryptSvc] : Service -> OK
[HKLM | Minimal\DcomLaunch] : Service -> OK
[HKLM | Minimal\dmadmin] : -> Service
[HKLM | Minimal\dmserver] : -> Service
[HKLM | Minimal\EventLog] : Service -> OK
[HKLM | Minimal\HelpSvc] : Service -> OK
[HKLM | Minimal\Netlogon] : Service -> OK
[HKLM | Minimal\PlugPlay] : Service -> OK
[HKLM | Minimal\RpcSs] : Service -> OK
[HKLM | Minimal\SRService] : -> Service
[HKLM | Minimal\vds] : Service -> OK
[HKLM | Minimal\WinMgmt] : Service -> OK
[HKLM | Minimal\dmboot.sys] : -> Driver
[HKLM | Minimal\dmio.sys] : -> Driver
[HKLM | Minimal\dmload.sys] : -> Driver
[HKLM | Minimal\sermouse.sys] : Driver -> OK
[HKLM | Minimal\vga.sys] : Driver -> OK
[HKLM | Minimal\vgasave.sys] : Driver -> OK
[HKLM | Minimal\sr.sys] : -> FSFilter System Recovery
[HKLM | Minimal\{36FC9E60-C465-11CF-8056-444553540000}] : Universal Serial Bus controllers -> OK
[HKLM | Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] : CD-ROM Drive -> OK
[HKLM | Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] : DiskDrive -> OK
[HKLM | Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] : Standard floppy disk controller -> OK
[HKLM | Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : Hdc -> OK
[HKLM | Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : Keyboard -> OK
[HKLM | Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : Mouse -> OK
[HKLM | Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] : PCMCIA Adapters -> OK
[HKLM | Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : SCSIAdapter -> OK
[HKLM | Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : System -> OK
[HKLM | Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] : Floppy disk drive -> OK
[HKLM | Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : Volume shadow copy -> OK
[HKLM | Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : Volume -> OK
[HKLM | Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : Human Interface Devices -> OK
¤
[HKLM | Network\Base] : Driver Group -> OK
[HKLM | Network\Boot Bus Extender] : Driver Group -> OK
[HKLM | Network\Boot file system] : Driver Group -> OK
[HKLM | Network\File system] : Driver Group -> OK
[HKLM | Network\Filter] : Driver Group -> OK
[HKLM | Network\NDIS] : Driver Group -> OK
[HKLM | Network\NDIS Wrapper] : Driver Group -> OK
[HKLM | Network\NetBIOSGroup] : Driver Group -> OK
[HKLM | Network\NetDDEGroup] : Driver Group -> OK
[HKLM | Network\Network] : Driver Group -> OK
[HKLM | Network\NetworkProvider] : Driver Group -> OK
[HKLM | Network\PCI Configuration] : Driver Group -> OK
[HKLM | Network\PNP Filter] : Driver Group -> OK
[HKLM | Network\PNP_TDI] : Driver Group -> OK
[HKLM | Network\Primary disk] : Driver Group -> OK
[HKLM | Network\SCSI Class] : Driver Group -> OK
[HKLM | Network\Streams Drivers] : Driver Group -> OK
[HKLM | Network\System Bus Extender] : Driver Group -> OK
[HKLM | Network\TDI] : Driver Group -> OK
[HKLM | Network\AFD] : Service -> OK
[HKLM | Network\AppMgmt] : Service -> OK
[HKLM | Network\Browser] : Service -> OK
[HKLM | Network\CryptSvc] : Service -> OK
[HKLM | Network\DcomLaunch] : Service -> OK
[HKLM | Network\Dhcp] : Service -> OK
[HKLM | Network\dmadmin] : -> Service
[HKLM | Network\dmserver] : -> Service
[HKLM | Network\DnsCache] : Service -> OK
[HKLM | Network\EventLog] : Service -> OK
[HKLM | Network\HelpSvc] : Service -> OK
[HKLM | Network\LanmanServer] : Service -> OK
[HKLM | Network\LanmanWorkstation] : Service -> OK
[HKLM | Network\LmHosts] : Service -> OK
[HKLM | Network\Messenger] : Service -> OK
[HKLM | Network\Ndisuio] : Service -> OK
[HKLM | Network\NetBIOS] : Service -> OK
[HKLM | Network\NetBT] : Service -> OK
[HKLM | Network\Netlogon] : Service -> OK
[HKLM | Network\NetMan] : Service -> OK
[HKLM | Network\NtLmSsp] : -> Service
[HKLM | Network\PlugPlay] : Service -> OK
[HKLM | Network\rdsessmgr] : Service -> OK
[HKLM | Network\RpcSs] : Service -> OK
[HKLM | Network\sharedaccess] : Service -> OK
[HKLM | Network\SRService] : -> Service
[HKLM | Network\Tcpip] : Service -> OK
[HKLM | Network\termservice] : -> Service
[HKLM | Network\vds] : Service -> OK
[HKLM | Network\WinMgmt] : Service -> OK
[HKLM | Network\Wlansvc] : Service -> OK
[HKLM | Network\dmboot.sys] : -> Driver
[HKLM | Network\dmio.sys] : -> Driver
[HKLM | Network\dmload.sys] : -> Driver
[HKLM | Network\ipnat.sys] : Driver -> OK
[HKLM | Network\ip6fw.sys] : -> Driver
[HKLM | Network\rdpcdd.sys] : -> Driver
[HKLM | Network\sr.sys] : -> FSFilter System Recovery
[HKLM | Network\{36FC9E60-C465-11CF-8056-444553540000}] : Universal Serial Bus controllers -> OK
[HKLM | Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] : CD-ROM Drive -> OK
[HKLM | Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] : DiskDrive -> OK
[HKLM | Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] : Standard floppy disk controller -> OK
[HKLM | Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : Hdc -> OK
[HKLM | Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : Keyboard -> OK
[HKLM | Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : Mouse -> OK
[HKLM | Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] : Net -> OK
[HKLM | Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] : NetClient -> OK
[HKLM | Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] : NetService -> OK
[HKLM | Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] : NetTrans -> OK
[HKLM | Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] : PCMCIA Adapters -> OK
[HKLM | Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : SCSIAdapter -> OK
[HKLM | Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : System -> OK
[HKLM | Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] : Floppy disk drive -> OK
[HKLM | Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : Volume -> OK
[HKLM | Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : Human Interface Devices -> OK
¤¤¤¤¤¤¤¤¤¤ | IFEO
¤¤¤¤¤¤¤¤¤¤ | Mountpoints2
¤¤¤¤¤¤¤¤¤¤ | Windows
[HKLM | Session Manager\SubSystems]|[Windows] : winsrv : %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[AppInit_DLLS] :
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[Programs] : com exe bat pif cmd
¤¤¤¤¤¤¤¤¤¤ | Security Center
[HKLM | Security Center]|[AntiVirusDisableNotify] : 0
[HKLM | Security Center]|[FirewallDisableNotify] : 0
[HKLM | Security Center]|[UpdatesDisableNotify] : 0
[HKLM | Security Center\svc]|[AntispywareOverride] : 0
[HKLM | Security Center\svc]|[AntiVirusOverride] : 0
[HKLM | Security Center\svc]|[FirewallOverride] : 0
[HKLM | FirewallPolicy\DomainProfile]|[DisableNotifications] : 0
[HKLM | FirewallPolicy\StandardProfile]|[DisableNotifications] : 0
¤¤¤¤¤¤¤¤¤¤ | Services Corrections
[Compbatt] : 4 -> 0 : Inactif
[RPCSS] : 2 : Actif
[Profsvc] : 2 : Actif
[PlugPlay] : 2 : Actif
[PEAUTH] : 2 : Actif
[Parvdm] : 2 : Actif
[nsi] : 2 : Actif
[NLASvc] : 2 : Actif
[MPSsvc] : 2 : Actif
[MMCSS] : 2 : Actif
[luafv] : 2 : Actif
[lltdio] : 2 : Actif
[Iphlpsvc] : 2 : Actif
[IKEEXT] : 2 : Actif
[gpsvc] : 2 : Actif
[lmhosts] : 2 : Actif
[LanmanWorkstation] : 2 : Actif
[LanmanServer] : 2 : Actif
[agp440] : 3 -> 2 : Inactif
[AudioEndpointBuilder] : 2 : Actif
[Audiosrv] : 2 : Actif
[BFE] : 2 : Actif
[Bits] : 3 -> 2 : Inactif
[CryptSvc] : 2 : Actif
[EapHost] : 3 -> 2 : Inactif
[Wlansvc] : 3 -> 2 : Inactif
[SharedAccess] : 2 : Inactif
[windefend] : 3 -> 2 : Inactif
[winmgmt] : 2 : Actif
[wuauserv] : 2 : Actif
[wudfsvc] : 2 : Actif
[WerSvc] : 2 : Actif
[wscsvc] : 2 : Actif
[Ndisuio] : 3 : Inactif
20:15:55
¤¤¤¤¤¤¤¤¤¤ | Internet Explorer
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Main]|[Start Page] : https://www.msn.com/fr-fr -> https://www.google.com/?gws_rd=ssl
[HKU\S-1-5-18 | Main]|[Start Page] : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> https://www.google.com/?gws_rd=ssl
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Main]|[Local Page] : C:\Windows\system32\blank.htm
[HKU\S-1-5-18 | Main]|[Search Page] : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
[HKLM | Search]|[SearchAssistant] : -> http://www.google.com/toolbar/ie8/sidebar.html
[HKLM | Main]|[Start Page] : https://www.msn.com/fr-fr -> https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main]|[Local Page] : C:\Windows\System32\blank.htm
[HKLM | Main]|[Default_Search_URL] : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
[HKLM | Main]|[Default_Page_URL] : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF -> https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main]|[Search Page] : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
[HKLM | AboutURLs]|[Tabs] : res://ieframe.dll/tabswelcome.htm
¤
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | PhishingFilter]|[Enabled] : 2
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | PhishingFilter]|[EnabledV8] : 1
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Internet settings]|[ProxyOverride] : *.local
[HKU\S-1-5-19 | Internet settings]|[EnableHttp1_1] : 1
[HKU\S-1-5-20 | Internet settings]|[EnableHttp1_1] : 1
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Internet settings]|[EnableHttp1_1] : 1
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Internet settings]|[MigrateProxy] : 1
[HKU\S-1-5-18 | Internet settings]|[MigrateProxy] : 1
[HKU\S-1-5-19 | Internet settings]|[AutoConfigProxy] : wininet.dll
[HKU\S-1-5-20 | Internet settings]|[AutoConfigProxy] : wininet.dll
[HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Internet settings]|[AutoConfigProxy] : wininet.dll
¤¤¤¤¤¤¤¤¤¤ | Firefox
Profile : sqt43kb3.default
user_pref("browser.download.dir", "C:\\Users\\yannos\\Tracing\\Downloads");
user_pref("browser.download.lastDir", "C:\\Users\\yannos\\Desktop");
user_pref("browser.startup.homepage_override.buildID", "20120905151427");
user_pref("browser.startup.homepage_override.mstone", "15.0.1");
line Deleted : user_pref("extensions.enabledItems", "{71328583-3CA7-4809-B4BA-570A85818FBB}:0.5b4,{3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20101113Wb1,{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07,{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15,{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21,{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23,{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1,{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26,HBLite@HBLite.com:11.0.0.0,{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}:15.0.4,wrc@avast.com:7.0.1466,ffxtlbr@babylon.com:1.2.0,{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0,{EEE6C361-6118-11DC-9C72-001320C79847}:1.5.0.2,gencrawler@some.com:2.6,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10");
¤¤¤¤¤¤¤¤¤¤ | Extensions | Plugins
C:\Users\yannos\AppData\Roaming\Mozilla\Firefox\Profiles\sqt43kb3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
C:\Users\yannos\AppData\Roaming\Mozilla\Firefox\Profiles\sqt43kb3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
C:\Users\yannos\AppData\Roaming\Mozilla\Firefox\Profiles\sqt43kb3.default\searchplugins\askcomsearch.xml
C:\Users\yannos\AppData\Roaming\Mozilla\Firefox\Profiles\sqt43kb3.default\searchplugins\bing.xml
C:\Program Files\Mozilla Firefox\extensions\realplayer@partners.mozilla.com
C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
C:\Program Files\Mozilla Firefox\searchplugins\google.xml
C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
¤¤¤¤¤¤¤¤¤¤ | DNS
[HKLM\SYSTEM\CCS | Tcpip\Parameters]|[DhcpNameServer] : 192.168.1.1
[HKLM\SYSTEM\ControlSet001 | Interfaces\{43CB6297-8F46-435E-9C59-4DED67A999A4}]|[DhcpNameServer] : 192.168.42.129
[HKLM\SYSTEM\ControlSet001 | Interfaces\{EBD095F4-2C29-4821-A1FE-C9DBFA915040}]|[DhcpNameServer] : 192.168.1.1
[HKLM\SYSTEM\ControlSet003 | Interfaces\{43CB6297-8F46-435E-9C59-4DED67A999A4}]|[DhcpNameServer] : 192.168.42.129
[HKLM\SYSTEM\ControlSet003 | Interfaces\{EBD095F4-2C29-4821-A1FE-C9DBFA915040}]|[DhcpNameServer] : 192.168.1.1
[HKLM\SYSTEM\CurrentControlSet | Interfaces\{43CB6297-8F46-435E-9C59-4DED67A999A4}]|[DhcpNameServer] : 192.168.42.129
[HKLM\SYSTEM\CurrentControlSet | Interfaces\{EBD095F4-2C29-4821-A1FE-C9DBFA915040}]|[DhcpNameServer] : 192.168.1.1
¤¤¤¤¤¤¤¤¤¤ | Hosts
C:\Windows\System32\Drivers\etc\hosts : Cleaned :)
¤¤¤¤¤¤¤¤¤¤ | Files | Folders | Registry
Quarantined and deleted Successfully : C:\$Recycle.bin\S-1-5-21-1170913042-1277233965-3038881231-1000\$IJJIC07.exe
Quarantined and deleted Successfully : C:\$Recycle.bin\S-1-5-21-1170913042-1277233965-3038881231-1000\$RJJIC07.exe
Quarantined and deleted Successfully : C:\Windows\flow.tmp
Impossible to move : C:\Windows\msdownld.tmp
Quarantined and deleted Successfully : C:\Windows\mozver.dat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\AdobeARM.log
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\chrome_installer.log
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\GoogleToolbarInstaller1.log
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\jusched.log
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\LVCOMSX.LOG
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\MSIcda76.LOG
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\{B6FE6EEC-7E78-4644-9BF5-A10199943D06}\fpb.tmp
Impossible to move : C:\Users\yannos\AppData\Local\Temp\~DF9E44.tmp
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\~DF9F9A.tmp
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\~DFBAF9.tmp
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Temp\~DFFBF4.tmp
Quarantined and deleted Successfully : C:\Windows\Temp\LVCOMSX.LOG
Quarantined and deleted Successfully : C:\Windows\Temp\MpCmdRun.log
Quarantined and deleted Successfully : C:\Windows\Temp\MpSigStub.log
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Roaming\AVG7\l_000101.log
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Roaming\AVG7\l_000102.log
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Roaming\Azureus\restart.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\awaycyq.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\cikcaye.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\ecucaeu.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\eugkc.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\gimwk.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\gkays.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\iayao.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\igcqe.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\imaqeei.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\kgwqwco.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Lollipop\erifbrgc.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Lollipop\erifbrgc.exe
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Lollipop\lollipop.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Lollipop\mcbgdbb.exe
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Lollipop\mlkiogm.exe
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\Lollipop\trxvei.exe
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\mqysuyo.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars\PokerStars.log.0
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars\PokerStarsUpdate.log.0
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars\PokerStarsUpdateE.log.0
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars\_update2.dat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars\_updcache.dat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\PokerStars.log.0
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\PokerStars.log.1
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\PokerStarsUpdate.log.0
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\PokerStarsUpdate.log.1
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\PokerStarsUpdateE.log.0
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\PokerStarsUpdateE.log.1
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\Stub.log.0
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\_update2.dat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\PokerStars.FR\_updcache.dat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\qoyoi.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\siies.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\waausou.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\wagmyce.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\wwiqs.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\ysawk.bat
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\microsoft\windows\WindowsUpdate.log
Quarantined and deleted Successfully : C:\ProgramData\avg7\AVG7QT.DAT
Quarantined and deleted Successfully : C:\ProgramData\ma-config.com\mcbase.db
Impossible to move : C:\ProgramData\ma-config.com
Quarantined and deleted Successfully : C:\Users\yannos\jagex_runescape_preferences.dat
Deleted : [HKU\S-1-5-21-1170913042-1277233965-3038881231-1000 | Run]|[erifbrgc] : "c:\users\yannos\appdata\local\lollipop\erifbrgc.exe" erifbrgc
20:35:45
Impossible to move : C:\ProgramData\Installations
Impossible to move : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Install Manager
Impossible to move : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundDownloader
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Roaming\Microsoft\Windows\Start Menu\Installation du Contrôle Parental.lnk
Quarantined and deleted Successfully : C:\Users\yannos\Desktop\PONE - In my eyes 3.0.mp3
Quarantined and deleted Successfully : C:\Users\yannos\Desktop\SoundDownloader - Raccourci.lnk
Quarantined and deleted Successfully : C:\Users\yannos\AppData\Local\d3d9caps.dat
Quarantined and deleted Successfully : |D| - C:\Windows\System32\%APPDATA%
¤¤¤¤¤¤¤¤¤¤ | quarantined at reboot
Not quarantined at Reboot : C:\Windows\msdownld.tmp
Not quarantined at Reboot : C:\Users\yannos\AppData\Local\Temp\~DF9E44.tmp
Not quarantined at Reboot : C:\ProgramData\ma-config.com
Not quarantined at Reboot : C:\ProgramData\Installations
Not quarantined at Reboot : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Install Manager
Not quarantined at Reboot : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundDownloader
Not quarantined at Reboot : C:\Users\yannos\Modèles\H
Not quarantined at Reboot : C:\Users\yannos\AppData\Roaming\Microsoft\Windows\Templates\H
¤¤¤¤¤
20:42:08
¤¤¤¤¤¤¤¤¤¤ | Listing Partition(s)
Disk: 0 Size=238G
Pos MBRndx Type/Name Size Active Hide Start Sector Sectors
--- ------ ---------- ---- ------ ---- ------------ ------------
0 1 07-NTFS 8.8G No No 63 17,928,477
1 0 07-NTFS 230G Yes No 17,928,540 470,463,525
¤¤¤¤¤¤¤¤¤¤ | MBR Control
MBR code signature : C9 6A F9 B0
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.0.6002 Disk: SAMSUNG_SP2504C rev.VT100-50 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
1 ntkrnlpa!IofCallDriver[8308E936] -> \Device\Harddisk0\DR0[85B14030]
3 CLASSPNP[885A68B3] -> ntkrnlpa!IofCallDriver[8308E936] -> [85B78918]
5 acpi[806106BC] -> ntkrnlpa!IofCallDriver[8308E936] -> \Device\Ide\IdeDeviceP0T0L0-0[85B05B98]
kernel: MBR read successfully
_asm { XOR DI, DI; MOV SS, DI; MOV SP, 7a00; MOV BX, 7a0; MOV DS, BX; MOV ES, BX; MOV SI, 200; MOV CX, SI; CLD ; REP MOVSB ; JMP FAR 7a0:a3; }
user & kernel MBR OK
20:42:24
[HKLM | Winlogon] | AutoRestartShell : 0 -> 1
¤¤¤¤¤¤¤¤¤¤ | Hidden files
~ [Disque d:] Folders : 1 | Files : 77 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 0 | Files : 77
~ [Disque C:] Folders : 1 | Files : 1 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 1 | Files : 1
~ [ProgramFiles] Folders : 1 | Files : 3 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 1 | Files : 3
~ [Utilisateurs] Folders : 2 | Files : 0 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 2 | Files : 0
~ [Music] Folders : 4 | Files : 4 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 4 | Files : 4
~ [Pictures] Folders : 1 | Files : 0 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 1 | Files : 0
~ [Videos] Folders : 0 | Files : 1 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 0 | Files : 1
~ [Downloads] Folders : 0 | Files : 0
~ [Desktop] Folders : 1 | Files : 3 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 1 | Files : 3
~ [Links] Folders : 0 | Files : 0
~ [Searches] Folders : 0 | Files : 2 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 0 | Files : 2
~ [Contacts] Folders : 9 | Files : 0 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 9 | Files : 0
~ [Saved_Games] Folders : 0 | Files : 0
~ [Favorites] Folders : 0 | Files : 0
~ [Documents] Folders : 4 | Files : 0 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 4 | Files : 0
~ [Windows] Folders : 62 | Files : 203 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 62 | Files : 203
~ [Start_Menu] Folders : 1 | Files : 0 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 1 | Files : 0
~ [Libraries] Folders : 0 | Files : 0
~ [quick launch] Folders : 0 | Files : 0
~ [AppData] Folders : 1 | Fil
yann252
Messages postés
84
Date d'inscription
dimanche 9 septembre 2012
Statut
Membre
Dernière intervention
30 août 2013
4
21 sept. 2012 à 21:34
21 sept. 2012 à 21:34
c'est fait
Utilisateur anonyme
21 sept. 2012 à 21:36
21 sept. 2012 à 21:36
ben il me faut le lien sinon je fais comment pour le consulter ?
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
yann252
Messages postés
84
Date d'inscription
dimanche 9 septembre 2012
Statut
Membre
Dernière intervention
30 août 2013
4
21 sept. 2012 à 21:37
21 sept. 2012 à 21:37
excuse mon incompétence c'est la première fois que je le fais.
https://pjjoint.malekal.com/files.php?id=20120921_b8c7n8w12h14
https://pjjoint.malekal.com/files.php?id=20120921_b8c7n8w12h14
Utilisateur anonyme
21 sept. 2012 à 21:41
21 sept. 2012 à 21:41
va peut etre falloir calmer les sites pornos tu crois pas ?
yann252
Messages postés
84
Date d'inscription
dimanche 9 septembre 2012
Statut
Membre
Dernière intervention
30 août 2013
4
21 sept. 2012 à 21:45
21 sept. 2012 à 21:45
lol a se point!!!!!
yann252
Messages postés
84
Date d'inscription
dimanche 9 septembre 2012
Statut
Membre
Dernière intervention
30 août 2013
4
21 sept. 2012 à 21:55
21 sept. 2012 à 21:55
mes com n' a paresse plus!!
yann252
Messages postés
84
Date d'inscription
dimanche 9 septembre 2012
Statut
Membre
Dernière intervention
30 août 2013
4
21 sept. 2012 à 21:56
21 sept. 2012 à 21:56
a si bisard ca encor donc je disais que j'en utilisais qu'un seul mes regulierement et c'est gratuit!
Utilisateur anonyme
21 sept. 2012 à 21:58
21 sept. 2012 à 21:58
ouaip ben les liens sur lesquels tu cliques sur le site sont quant-à eux bien pourris
=============
Télécharge ici : Navilog1 depuis-ce lien
▶ Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
▶ Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
▶ Au menu principal, Fais le choix 1 >> Recherche / suppression automatique
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
>>>>> Le fix peut durer une dizaine de minutes ;)
▶ Appuie sur une touche le bloc note va s'ouvrir.
▶ Copie-colle le rapport ici.
=============
Télécharge ici : Navilog1 depuis-ce lien
▶ Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
▶ Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
▶ Au menu principal, Fais le choix 1 >> Recherche / suppression automatique
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
>>>>> Le fix peut durer une dizaine de minutes ;)
▶ Appuie sur une touche le bloc note va s'ouvrir.
▶ Copie-colle le rapport ici.
yann252
Messages postés
84
Date d'inscription
dimanche 9 septembre 2012
Statut
Membre
Dernière intervention
30 août 2013
4
21 sept. 2012 à 22:17
21 sept. 2012 à 22:17
Fix Navipromo version 4.1.1 commencé le 21/09/2012 22:00:52,31
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
Outil exécuté depuis C:\navilog1
Mise à jour le 07.04.2012 à 20h00 par IL-MAFIOSO
Microsoft® Windows Vista(TM) Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 5600+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : yannos ( Administrator )
BOOT : Normal boot
Antivirus : AVG 7.5.488 7.5.488 (Activated)
C:\ (Local Disk) - NTFS - Total:224 Go (Free:30 Go)
D:\ (Local Disk) - NTFS - Total:8 Go (Free:4 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (USB)
J:\ (USB)
L:\ (USB)
O:\ (USB)
Recherche executée en mode normal
Nettoyage exécuté au redémarrage de l'ordinateur
c:\users\yannos\appdata\local\virtua~1\progra~1\InternetGamebox supprimé !
Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\yannos\AppData\Local\Temp effectué !
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Scan terminé 21/09/2012 22:15:43,61 ***
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
Outil exécuté depuis C:\navilog1
Mise à jour le 07.04.2012 à 20h00 par IL-MAFIOSO
Microsoft® Windows Vista(TM) Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 5600+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : yannos ( Administrator )
BOOT : Normal boot
Antivirus : AVG 7.5.488 7.5.488 (Activated)
C:\ (Local Disk) - NTFS - Total:224 Go (Free:30 Go)
D:\ (Local Disk) - NTFS - Total:8 Go (Free:4 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (USB)
J:\ (USB)
L:\ (USB)
O:\ (USB)
Recherche executée en mode normal
Nettoyage exécuté au redémarrage de l'ordinateur
c:\users\yannos\appdata\local\virtua~1\progra~1\InternetGamebox supprimé !
Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\yannos\AppData\Local\Temp effectué !
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Scan terminé 21/09/2012 22:15:43,61 ***
yann252
Messages postés
84
Date d'inscription
dimanche 9 septembre 2012
Statut
Membre
Dernière intervention
30 août 2013
4
21 sept. 2012 à 22:19
21 sept. 2012 à 22:19
j'atire ton attention sur l' antivirus detecté et activé AVG 7.5.488, ce n'est pas celui qui tourne sur mon pc celui ci il a du etre viré par ccleaner normalement.
Utilisateur anonyme
21 sept. 2012 à 22:25
21 sept. 2012 à 22:25
aide toi de cette page pour virer les restes alors :
https://www.commentcamarche.net/faq/7367-desinstaller-proprement-liens-et-astuces#mcafee-virusscan-8-ou-9
https://www.commentcamarche.net/faq/7367-desinstaller-proprement-liens-et-astuces#mcafee-virusscan-8-ou-9
yann252
Messages postés
84
Date d'inscription
dimanche 9 septembre 2012
Statut
Membre
Dernière intervention
30 août 2013
4
21 sept. 2012 à 22:26
21 sept. 2012 à 22:26
c'est fait merci!!
Utilisateur anonyme
21 sept. 2012 à 22:29
21 sept. 2012 à 22:29
heberge le rapport de Diag stp via cjoint.com ou autre et donne le lien
yann252
Messages postés
84
Date d'inscription
dimanche 9 septembre 2012
Statut
Membre
Dernière intervention
30 août 2013
4
21 sept. 2012 à 22:30
21 sept. 2012 à 22:30
Je suppose que mon pc est tout neuf maintenant
yann252
Messages postés
84
Date d'inscription
dimanche 9 septembre 2012
Statut
Membre
Dernière intervention
30 août 2013
4
21 sept. 2012 à 22:35
21 sept. 2012 à 22:35
Utilisateur anonyme
21 sept. 2012 à 22:39
21 sept. 2012 à 22:39
nan pas celui-là , Pre_Diag_etc......txt qui est sur ton bureau
yann252
Messages postés
84
Date d'inscription
dimanche 9 septembre 2012
Statut
Membre
Dernière intervention
30 août 2013
4
21 sept. 2012 à 22:41
21 sept. 2012 à 22:41