Sujet Précédent Sujet Suivant

Dossiers éffacés

Nugup Messages postés 44 Statut Membre -  
 Utilisateur anonyme -
Bonjour,

Je me présente, j'ai 15 ans et j'ai il y a peu de temps acheté un toshiba satellite P870, j'ai sauvegardé mon système d'exploitation sur CD-roms mais je n'ai pas encore fait de sauvegarde du DD, n'ayant pas eu le temps et l'envie de le faire.
Sur cet ordinateur, j'ai Mc-Afee Total Protection, j'ai téléchargé CodeBlocks, un IDE pour retranscrir le langage C ou C+ en langage binaire pour l'ordinateur et Mumble, un outil similaire à TeamSpeak.
J'ai également mis sur cet ordinateur World Of Warcraft, provenant d'un DD d'un copain que j'avais auparavant scanné. Je ne surfe pas trop avec, je privilégie les sites surs, ayant eu quelques problèmes de virus sur un ancien ordinateur, et je scan mon ordinateur chaque semaine.

Alors voici mon problème :

J'allume mon ordinateur, je me log en session utilisateur, en entrant dans ma session, je vois que mon fond d'écran a changé et s'est remis au fond d'écran par défaut de Toshiba, je regarde sur le bureau et je distingue tous mes fichiers sauf celui nommé CodeBlocks dans lequel sont sauvegardés tous mes programmes et également dans lequel le jeu World Of Warcraft est stocké.
Je lance une recherche de mon fichier et je le trouve, il avait seulement disparu du bureau.
Je décide de rallumer mon ordinateur et je me log en session admin pour voir si il y a un probleme dessus. N'ayant rien vu d'anormal je retourne en session utilisateur et mon fond d'ecran personalisé est revenu mais le dossier CodeBlocks n'est pas sur le bureau. Je lance une recherche et elle se révèle non concluante, plus de CodeBlocks, plus de programmes, plus de jeu. J'ai cherché pendant longtemps, activé la visualisation des fichiers cachés et recherché en mode Admin et dans la corbeille mais rien.
J'ai lancé un scan de McAfee mais je l'ai stoppé à 50%, il n'avait encore rien detecté et mon père rentrait, sachant que je n'ai pas le droit à l'ordi en semaine.
Je suis plutôt prudent et je ne pense pas avoir de virus car mon ordinateur est plutot neuf (3mois) et je ne telecharge rien sur des sites non conseillés ou en P2P, j'analyse tout ce qui entre dans mon ordinateur et je procède à des analyses système régulières.

Je voudrais donc savoir si vous savez ce que j'ai comme problème, je suis assez embêté au niveau de mes programmes mais j'ai surtout peur d'avoir chopé quelque chose :/

Je vous remercie par avance, j'espère avoir été clair et précis, je suis la pour plus de précisions.

47 réponses

Réponse 1 / 47
Utilisateur anonyme
 
si tu suis bien les consignes , il devrait y avoir aucun souci :)
3
Réponse 2 / 47
Utilisateur anonyme
 
c'etait un faux positif que j'ai retiré ce matin.

en attendant je te conseille de desinstallerMcAfee qui detecte pas un éléphant dans un couloir et d'installer plutot Avast gratuit....

mais avant ca , relance l'outil , clique sur Diag et poste le lien

¤¤¤¤¤¤¤¤¤¤ Pre_Scan_Concept ¤¤¤¤¤¤¤¤¤¤
1
Nugup Messages postés 44 Statut Membre
 
Je vais partir en week-end, je fais ça une fois revenu.

Je dois cliquer sur Diag ?
C'est une option qui s'affiche à un moment du scan ?

Merci de prendre de ton temps pour me répondre :D

PS : Tu peut utiliser ton outil en lui rajoutant des options à distance par exemple ? :O
0
Utilisateur anonyme
 
non la deuxieme fois qu on le lance un menu apparait il ne lance pas de scan d'entrée ^^

ben alors tu le retelechageras parce qu'en ce moment je le mets à jour 5/15 fois par jour.....
0
Nugup Messages postés 44 Statut Membre
 
Ok mais si je le retélecharge je devrais probablement refaire un scan avant de pouvoir avoir le menu ?
0
Utilisateur anonyme
 
non le tout c'est que tu ne supprimes pas le dossier pre_scan qui est dans c:\ ou que tu en recrées un nouveau s il est supprimé de maniere à avoir le menu :)
0
Nugup
 
Je suis revenu de Week-End, j'ai oublié de retelecharger Pre_Scan mais j'ai cliqué sur Diag et le programme s'execute, je pense faire sans les Majs que tu as rajouté, tout du moins pour cette étape x)
0
Réponse 3 / 47
Utilisateur anonyme
 
dzlut java et adobe sont à jour ?
0
Réponse 4 / 47
Nugup Messages postés 44 Statut Membre
 
Oui java et adobe sont surrement à jour mais je vais vérifier et j'ai des Majs Windows Update a faire. (8 il me semble)
0
Ex0ne Messages postés 94 Statut Membre 4
 
Les mises a jours n'ont s'en doute rien a voire avec ce souci. Après je sais pas...
0
Nugup Messages postés 44 Statut Membre
 
Effectivement je ne pense pas qu'il y ait un rapport, j'ai tout de même dl et installé les Majs, aucun changement. :(
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 47
Utilisateur anonyme
 
Attention !!! : cet outil peut etre détecté à tort comme virus
Attention !!! : cet outil est puissant suivre scrupuleusement les instructions ci-dessous

tous les processus "non vitaux de windows" vont être coupés , enregistre ton travail.

Désactive toutes tes protections si possible , antivirus , sandbox , pare-feux , etc....

telecharge et enregistre Pre_Scan sur ton bureau :

https://forums-fec.be/gen-hackman/Pre_Scan.exe

si le lien ne fonctionne pas :

http://general-changelog-team.fr/fr/downloads/viewdownload/41-outils-de-gen-hackman/52-pre-scan
http://www.archive-host.com

Avertissement :Il y aura une extinction du bureau pendant le scan --> pas de panique.

une fois telechargé lance-le , laisse faire le scan jusqu'à l'apparition de "Pre_scan_la_date_et_l'heure.txt" sur le bureau.

si l'outil est relancé plusieurs fois , il te proposera un menu et qu'aucune option n'est demandée, lance l'option "Kill"

si l'outil est bloqué par l'infection utilise cette version avec extension .pif :

https://forums-fec.be/gen-hackman/Pre_Scan.pif

si l'outil detecte un proxy et que tu n'en as pas installé clique sur "supprimer le proxy"

Il se peut qu'une multitude de fenêtres noires clignotent , laisse-le travailler

Poste Pre_Scan_la_date_et_l'heure.txt qui apparaitra sur le bureau en fin de scan

Il est possible que l'outil fasse redemarrer ton pc , laisse-le faire

NE LE POSTE PAS SUR LE FORUM !!! (il est trop long)

Heberge le rapport sur http://pjjoint.malekal.com puis donne le lien obtenu en echange sur le forum où tu te fais aider

0
Réponse 6 / 47
Nugup Messages postés 44 Statut Membre
 
Je vais être franc, j'ai assez peur d'utiliser ce programme, c'est un bel ordi et j'ai pas envie de le détruire, c'est ton programme je sais mais j'aimerais en savoir un peu plus sur le problème que je pourrait éventuellement avoir et savoir si une solution moins radicale peut être prise en compte.
Si il n'y a pas d'autres solutions, je m'y contraindrais peut-être...

Merci quand même de prendre de ton temps, j'ai screen ton tuto au cas ou j'en ai besoin.
J'aimerais bien avoir l'avis d'autres personnes ou que l'on m'explique en détails les causes hypothétiques du problème.
0
Réponse 7 / 47
Utilisateur anonyme
 
si tu ne veux pas faire ce qu on demande inutile de demander de l'aide
0
Réponse 8 / 47
Nugup Messages postés 44 Statut Membre
 
Je n'ai pas dit que je ne voulais pas faire ce que l'on me demandait, je veut d'abord savoir ce que je peux avoir comme problème, j'ai pas envie d'être le cobaye pour un programme que l'on me donne sur internet sans aucun garantie de fonctionnement.

Je veut bien suivre tes instructions mais j'aimerais tout d'abord avoir un peu plus de précisions.
0
Réponse 9 / 47
Utilisateur anonyme
 
Pre_Scan est un outil qui répare les services, supprime les rogues et les FakeAV/FakeAlert
Il répare le mode sans echec , internet explorer , détruit les proxy nefastes
Il réattribue les fichiers, supprime divers malwares,et répare les demarrages attrophiés par les infections dans son possible

historique de l'outil ici :

https://gen-hackman.kanak.fr/

puis la suite ici :

https://gen-hackman.kanak.fr/
0
Réponse 10 / 47
Nugup Messages postés 44 Statut Membre
 
C'est ok, je suis convaincu, je vais faire ce que tu ma dit dès que j'en aurait le temps, j'espère que ca va marcher :)
0
Réponse 11 / 47
Nugup Messages postés 44 Statut Membre
 
J'ai telechargé Pre_Scan, je l'ai lancé et la ca fait 5 mins que la souris clignote légèrement et que le rond du chargement tourne à coté, c'est normal ?

Edit : Cela fait maintenant 35 mins, le bureau s'est éteint comme tu avais prévenu, l'ordinateur ventile beaucoup.
0
Nugup Messages postés 44 Statut Membre
 
Je n'étais pas en mode Admin, mais j'avais pourtant executé en tant qu'admin, ca ne marchait pas, je me suis connecté en admin et mtn je vois le scan :)
0
Réponse 12 / 47
Nugup Messages postés 44 Statut Membre
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | 2.0928 | g3n-h@ckm@n & Saachaa | ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤

~ Update on 28/09/2012 | 00.30 by g3n-h@ckm@n
~ Informations | Evolution : https://gen-hackman.kanak.fr/
~ Informations for the switches Pre_Script : https://gen-hackman.kanak.fr/
~ Feedback Pre_scan : https://gen-hackman.kanak.fr/#505
~ Thx to C_XX , Slyk for their help for the evolution of the tool

~ User : utilisateur (Administrateurs) | SID = S-1-5-21-1415005117-1820878988-2034386346-1001
~ Computer : PC-ANTOINE

~ System : Windows 7 Home Premium (64 bits) HomePremium Service Pack 1
~ InstallationType : Client
~ RegisteredOwner : utilisateur
~ RegisteredOrganization :
~ ProcessorNameString : Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
~ Identifier : Intel64 Family 6 Model 42 Stepping 7

~ Mémory RAM = Total (KB) : 6206780 | Used (%) : 27 | Free (KB) : 4512960
~ Pagefile = Total (KB) : 12411700 | Free (KB) : 10666030
~ Virtual = Total (KB) : 4194180 | Free (KB) : 3981480

¤¤¤¤¤¤¤¤¤¤ | Boot's scripts

C:\windows\Setup\Scripts\B2C.txt
C:\windows\Setup\Scripts\labelc2rdrive.exe
C:\windows\Setup\Scripts\labelc2rdrive.exe.config
C:\windows\Setup\Scripts\SetupComplete.cmd

¤¤¤¤¤¤¤¤¤¤ | Drives

c:\ -> [Fixed] | [TI30888600B] | Total : 935120 Mo | Free : 887790 Mo -> NTFS

Scan : 14:55:01 | 28/09/2012

¤¤¤¤¤¤¤¤¤¤ | Windows Updates

~ C:\windows\system32\config\systemprofile
~ C:\Windows\ServiceProfiles\LocalService
~ C:\Windows\ServiceProfiles\NetworkService
~ C:\Users\UpdatusUser
~ C:\Users\utilisateur
~ C:\Users\Antoine.utilisateur-

New restorepoint created

¤¤¤¤¤¤¤¤¤¤ | MD5 Control

[MD5.983085155BAED9261759F8C725E27119] - [28/09/2012 14:55:02] - [0.5 Ko] - C:\Pre_Scan\MBR.bin
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - [15/03/2012 14:20:29] - (.© Microsoft Corporation. - Explorateur Windows.) - [2804.5 Ko] - (6.1.7601.17567) - C:\windows\explorer.exe
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - [15/03/2012 14:20:29] - (.© Microsoft Corporation. - Explorateur Windows.) - [2555 Ko] - (6.1.7601.17567) - C:\windows\SysWOW64\explorer.exe
[MD5.AC4C51EB24AA95B77F705AB159189E24] - [21/11/2010 14:24:11] - (.© Microsoft Corporation. - Windows Explorer.) - [2805 Ko] - (6.1.7601.17514) - C:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - [15/03/2012 14:20:29] - (.© Microsoft Corporation. - Windows Explorer.) - [2804.5 Ko] - (6.1.7601.17567) - C:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[MD5.3B69712041F3D63605529BD66DC00C48] - [15/03/2012 14:20:29] - (.© Microsoft Corporation. - Windows Explorer.) - [2804.5 Ko] - (6.1.7601.21669) - C:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[MD5.40D777B7A95E00593EB1568C68514493] - [21/11/2010 14:24:25] - (.© Microsoft Corporation. - Windows Explorer.) - [2555 Ko] - (6.1.7601.17514) - C:\windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - [15/03/2012 14:20:29] - (.© Microsoft Corporation. - Windows Explorer.) - [2555 Ko] - (6.1.7601.17567) - C:\windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[MD5.0FB9C74046656D1579A64660AD67B746] - [15/03/2012 14:20:29] - (.© Microsoft Corporation. - Windows Explorer.) - [2555 Ko] - (6.1.7601.21669) - C:\windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - [14/07/2009 10:19:49] - (.© Microsoft Corporation. - Processus d'exécution client-serveur.) - [7.5 Ko] - (6.1.7600.16385) - C:\windows\System32\csrss.exe
[MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - [14/07/2009 10:19:49] - (.© Microsoft Corporation. - Client Server Runtime Process.) - [7.5 Ko] - (6.1.7600.16385) - C:\windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe
[MD5.24ACB7E5BE595468E3B9AA488B9B4FCB] - [14/07/2009 10:19:46] - (.© Microsoft Corporation. - Applications Services et Contrôleur.) - [321 Ko] - (6.1.7600.16385) - C:\windows\System32\services.exe
[MD5.24ACB7E5BE595468E3B9AA488B9B4FCB] - [14/07/2009 10:19:46] - (.© Microsoft Corporation. - Services and Controller app.) - [321 Ko] - (6.1.7600.16385) - C:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[MD5.1911A3356FA3F77CCC825CCBAC038C2A] - [14/07/2009 10:19:50] - (.© Microsoft Corporation. - Gestionnaire de sessions Windows.) - [110 Ko] - (6.1.7600.16385) - C:\windows\System32\smss.exe
[MD5.1911A3356FA3F77CCC825CCBAC038C2A] - [14/07/2009 10:19:50] - (.© Microsoft Corporation. - Windows Session Manager.) - [110 Ko] - (6.1.7600.16385) - C:\windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [21/11/2010 14:24:28] - (.© Microsoft Corporation. - Application d'ouverture de session Userinit.) - [30 Ko] - (6.1.7601.17514) - C:\windows\System32\userinit.exe
[MD5.61AC3EFDFACFDD3F0F11DD4FD4044223] - [21/11/2010 14:23:55] - (.© Microsoft Corporation. - Application d'ouverture de session Userinit.) - [26 Ko] - (6.1.7601.17514) - C:\windows\SysWOW64\userinit.exe
[MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [21/11/2010 14:24:28] - (.© Microsoft Corporation. - Userinit Logon Application.) - [30 Ko] - (6.1.7601.17514) - C:\windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
[MD5.61AC3EFDFACFDD3F0F11DD4FD4044223] - [21/11/2010 14:23:55] - (.© Microsoft Corporation. - Userinit Logon Application.) - [26 Ko] - (6.1.7601.17514) - C:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - [14/07/2009 10:52:37] - (.© Microsoft Corporation. - Application de démarrage de Windows.) - [126 Ko] - (6.1.7600.16385) - C:\windows\System32\wininit.exe
[MD5.B5C5DCAD3899512020D135600129D665] - [14/07/2009 10:36:49] - (.© Microsoft Corporation. - Application de démarrage de Windows.) - [94 Ko] - (6.1.7600.16385) - C:\windows\SysWOW64\wininit.exe
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - [14/07/2009 10:52:37] - (.© Microsoft Corporation. - Windows Start-Up Application.) - [126 Ko] - (6.1.7600.16385) - C:\windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[MD5.B5C5DCAD3899512020D135600129D665] - [14/07/2009 10:36:49] - (.© Microsoft Corporation. - Windows Start-Up Application.) - [94 Ko] - (6.1.7600.16385) - C:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - [21/11/2010 14:24:29] - (.© Microsoft Corporation. - Application d'ouverture de session Windows.) - [381.5 Ko] - (6.1.7601.17514) - C:\windows\System32\winlogon.exe
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - [21/11/2010 14:24:29] - (.© Microsoft Corporation. - Windows Logon Application.) - [381.5 Ko] - (6.1.7601.17514) - C:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - [18/08/2012 18:33:34] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [487 Ko] - (6.1.7601.17752) - C:\windows\System32\drivers\afd.sys
[MD5.D31DC7A16DEA4A9BAF179F3D6FBDB38C] - [21/11/2010 14:24:08] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [488 Ko] - (6.1.7601.17514) - C:\windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys
[MD5.D5B031C308A409A0A576BFF4CF083D30] - [15/03/2012 14:21:23] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [487.5 Ko] - (6.1.7601.17603) - C:\windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_3618198975057170\afd.sys
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - [18/08/2012 18:33:34] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [487 Ko] - (6.1.7601.17752) - C:\windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17752_none_35e10b89752ee0f5\afd.sys
[MD5.F4AD06143EAC303F55D0E86C40802976] - [15/03/2012 14:21:23] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [487.5 Ko] - (6.1.7601.21712) - C:\windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_3695e61e8e2c13d4\afd.sys
[MD5.36A14FD1A23F57046361733B792CA8DB] - [18/08/2012 18:33:34] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [486.5 Ko] - (6.1.7601.21887) - C:\windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21887_none_364f3a028e605345\afd.sys
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - [14/07/2009 10:19:47] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) - C:\windows\System32\drivers\atapi.sys
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - [14/07/2009 10:19:47] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) - C:\windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[MD5.F036CE71586E93D94DAB220D7BDF4416] - [21/11/2010 14:23:47] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [144 Ko] - (6.1.7601.17514) - C:\windows\System32\drivers\cdrom.sys
[MD5.F036CE71586E93D94DAB220D7BDF4416] - [21/11/2010 14:23:47] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [144 Ko] - (6.1.7601.17514) - C:\windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
[MD5.09594D1089C523423B32A4229263F068] - [21/11/2010 14:23:51] - (.© Microsoft Corporation. - MBT Transport driver.) - [255.5 Ko] - (6.1.7601.17514) - C:\windows\System32\drivers\netbt.sys
[MD5.09594D1089C523423B32A4229263F068] - [21/11/2010 14:23:51] - (.© Microsoft Corporation. - MBT Transport driver.) - [255.5 Ko] - (6.1.7601.17514) - C:\windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_be8acdd10de3b1a6\netbt.sys
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - [21/11/2010 14:24:32] - (.© Microsoft Corporation. - TDI Translation Driver.) - [116.5 Ko] - (6.1.7601.17514) - C:\windows\System32\drivers\tdx.sys
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - [21/11/2010 14:24:32] - (.© Microsoft Corporation. - TDI Translation Driver.) - [116.5 Ko] - (6.1.7601.17514) - C:\windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_4863cdbaf2b532f8\tdx.sys
[MD5.DF8126BD41180351A093A3AD2FC8903B] - [15/03/2012 14:11:02] - (.© Microsoft Corporation. - Pilote de cliché instantané du volume.) - [289.38 Ko] - (6.1.7601.17567) - C:\windows\System32\drivers\volsnap.sys
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - [21/11/2010 14:23:47] - (.© Microsoft Corporation. - Volume Shadow Copy Driver.) - [288.88 Ko] - (6.1.7601.17514) - C:\windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys
[MD5.DF8126BD41180351A093A3AD2FC8903B] - [15/03/2012 14:11:02] - (.© Microsoft Corporation. - Volume Shadow Copy Driver.) - [289.38 Ko] - (6.1.7601.17567) - C:\windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17567_none_73a9ae3212da5cc8\volsnap.sys
[MD5.879CE6AEA3FE874AD4C500B6B6198EB0] - [15/03/2012 14:11:02] - (.© Microsoft Corporation. - Volume Shadow Copy Driver.) - [289.38 Ko] - (6.1.7601.21668) - C:\windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.21668_none_74344b472bf715e9\volsnap.sys

14:56:15

¤¤¤¤¤¤¤¤¤¤ | Processes stopped

nvvsvc.exe (808) -> Process stopped !
wlanext.exe (1452) -> Process stopped !
spoolsv.exe (1656) -> Process stopped !
armsvc.exe (1904) -> Process stopped !
AppleMobileDeviceService.exe (1184) -> Process stopped !
mDNSResponder.exe (2152) -> Process stopped !
EvtEng.exe (2192) -> Process stopped !
HeciServer.exe (2244) -> Process stopped !
IntelMeFWService.exe (2316) -> Process stopped !
Jhi_service.exe (2344) -> Process stopped !
McSvHost.exe (2424) -> Process stopped !
RegSrvc.exe (2576) -> Process stopped !
c2c_service.exe (2648) -> Process stopped !
TeamViewer_Service.exe (2692) -> Process stopped !
TemproSvc.exe (2736) -> Process stopped !
ThpSrv.exe (2804) -> Process stopped !
TODDSrv.exe (2828) -> Process stopped !
TosCoSrv.exe (2860) -> Process stopped !
WLIDSVC.EXE (2988) -> Process stopped !
ZeroConfigService.exe (3040) -> Process stopped !
TecoService.exe (2308) -> Process stopped !
TrustedInstaller.exe (4176) -> Process stopped !
SearchIndexer.exe (5408) -> Process stopped !
iPodService.exe (5900) -> Process stopped !
wmpnetwk.exe (5384) -> Process stopped !
TMachInfo.exe (2004) -> Process stopped !
LMS.exe (5244) -> Process stopped !
MOBKbackup.exe (4900) -> Process stopped !
NASvc.exe (620) -> Process stopped !
TosSmartSrv.exe (5668) -> Process stopped !
daemonu.exe (5636) -> Process stopped !
VSSVC.exe (1856) -> Process stopped !
sppsvc.exe (5752) -> Process stopped !
UNS.exe (2920) -> Process stopped !
rundll32.exe (2568) -> Process stopped !
rundll32.exe (6380) -> Process stopped !
nvxdsync.exe (6984) -> Process stopped !
nvvsvc.exe (5764) -> Process stopped !
mcupdmgr.exe (6300) -> Process stopped !
taskhost.exe (6276) -> Process stopped !
explorer.exe (3108) -> Process stopped !
taskeng.exe (6160) -> Process stopped !
RAVCpl64.exe (4740) -> Process stopped !
TCrdMain.exe (4420) -> Process stopped !
Teco.exe (5000) -> Process stopped !
ThpSrv.exe (4576) -> Process stopped !
ismagent.exe (4848) -> Process stopped !
igfxtray.exe (2704) -> Process stopped !
hkcmd.exe (2596) -> Process stopped !
igfxpers.exe (3956) -> Process stopped !
TosSENotify.exe (1600) -> Process stopped !
SuperCopier2.exe (3204) -> Process stopped !
TOPI.exe (3268) -> Process stopped !
nvtray.exe (5896) -> Process stopped !
ToshibaServiceStation.exe (5320) -> Process stopped !
iTunesHelper.exe (6820) -> Process stopped !
mcagent.exe (2132) -> Process stopped !
taskeng.exe (4904) -> Process stopped !
widimon.exe (6344) -> Process stopped !
igfxext.exe (1152) -> Process stopped !
igfxsrvc.exe (3448) -> Process stopped !

¤¤¤¤¤¤¤¤¤¤ | Running processes

Boot : Normal

[MD5.1911A3356FA3F77CCC825CCBAC038C2A] - [14/07/2009 10:19:50] - 444 | C:\windows\System32\smss.exe (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.1.7600.16385) -> \SystemRoot\System32\smss.exe [112640 Ko]
[MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - [14/07/2009 10:19:49] - 776 | C:\windows\system32\csrss.exe (.Microsoft Corporation - Processus d'exécution client-serveur.) - (6.1.7600.16385) -> %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 [7680 Ko]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - [14/07/2009 10:52:37] - 880 | C:\windows\system32\wininit.exe (.Microsoft Corporation - Application de démarrage de Windows.) - (6.1.7600.16385) -> wininit.exe [129024 Ko]
[MD5.3EE6C4A17173C0B6822585296E9AB209] - [14/07/2009 10:19:46] - 944 | C:\windows\system32\services.exe (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.1.7600.16385) -> C:\windows\system32\services.exe [328704 Ko]
[MD5.C118A82CD78818C29AB228366EBF81C3] - [15/03/2012 14:28:46] - 960 | C:\windows\system32\lsass.exe (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.17725) -> C:\windows\system32\lsass.exe [31232 Ko]
[MD5.F2BF82316E93E590FF081B95F68443B7] - [21/11/2010 14:23:53] - 968 | C:\windows\system32\lsm.exe (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.1.7601.17514) -> C:\windows\system32\lsm.exe [343040 Ko]
[MD5.6F68F63794097E54F36474ED4384B759] - [15/03/2012 14:10:54] - 420 | C:\windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7601.17568) -> C:\windows\system32\svchost.exe -k DcomLaunch [27648 Ko]
[MD5.6F68F63794097E54F36474ED4384B759] - [15/03/2012 14:10:54] - 936 | C:\windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7601.17568) -> C:\windows\system32\svchost.exe -k RPCSS [27648 Ko]
[MD5.6F68F63794097E54F36474ED4384B759] - [15/03/2012 14:10:54] - 1040 | C:\windows\System32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7601.17568) -> C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted [27648 Ko]
[MD5.6F68F63794097E54F36474ED4384B759] - [15/03/2012 14:10:54] - 1088 | C:\windows\System32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7601.17568) -> C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [27648 Ko]
[MD5.6F68F63794097E54F36474ED4384B759] - [15/03/2012 14:10:54] - 1128 | C:\windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7601.17568) -> C:\windows\system32\svchost.exe -k netsvcs [27648 Ko]
[MD5.6F68F63794097E54F36474ED4384B759] - [15/03/2012 14:10:54] - 1260 | C:\windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7601.17568) -> C:\windows\system32\svchost.exe -k LocalService [27648 Ko]
[MD5.6F68F63794097E54F36474ED4384B759] - [15/03/2012 14:10:54] - 1364 | C:\windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7601.17568) -> C:\windows\system32\svchost.exe -k NetworkService [27648 Ko]
[MD5.6F68F63794097E54F36474ED4384B759] - [15/03/2012 14:10:54] - 1692 | C:\windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7601.17568) -> C:\windows\system32\svchost.exe -k LocalServiceNoNetwork [27648 Ko]
[MD5.6B07F63FDFB99DDDD9A9B0EF41AA36CE] - [20/08/2012 08:53:20] - 2480 | C:\windows\system32\mfevtps.exe (.McAfee, Inc. - McAfee Process Validation Service.) - (15.1.0.518) -> "C:\windows\system32\mfevtps.exe" [177144 Ko]
[MD5.BEBF11C735F5E09B18A9C6F5E7BC3A6D] - [20/08/2012 09:01:42] - 2184 | C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (.McAfee, Inc. - McAfee On-Access Scanner service.) - (15.1.0.461) -> "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [237920 Ko]
[MD5.A85432F3960504F4A923A7385F2A0C12] - [20/08/2012 09:01:46] - 1736 | C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (.McAfee, Inc. - McAfee Core Firewall Service.) - (15.1.0.518) -> "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [218320 Ko]
[MD5.521202AA6F2B74FCCC6BC7E162109D71] - [14/07/2009 10:47:12] - 3452 | C:\windows\system32\wbem\unsecapp.exe (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.1.7600.16385) -> C:\windows\system32\wbem\unsecapp.exe -Embedding [47104 Ko]
[MD5.34D4C852C7EAAD794C5932D7B894CBA8] - [21/11/2010 14:24:15] - 3496 | C:\windows\system32\wbem\wmiprvse.exe (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) -> C:\windows\system32\wbem\wmiprvse.exe [372736 Ko]
[MD5.6F68F63794097E54F36474ED4384B759] - [15/03/2012 14:10:54] - 4260 | C:\windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7601.17568) -> C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [27648 Ko]
[MD5.6F68F63794097E54F36474ED4384B759] - [15/03/2012 14:10:54] - 4440 | C:\windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7601.17568) -> C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted [27648 Ko]
[MD5.34D4C852C7EAAD794C5932D7B894CBA8] - [21/11/2010 14:24:15] - 3564 | C:\windows\system32\wbem\wmiprvse.exe (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) -> C:\windows\system32\wbem\wmiprvse.exe [372736 Ko]
[MD5.6F68F63794097E54F36474ED4384B759] - [15/03/2012 14:10:54] - 6632 | C:\windows\System32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7601.17568) -> C:\windows\System32\svchost.exe -k LocalServicePeerNet [27648 Ko]
[MD5.A8EDB86FC2A4D6D1285E4C70384AC35A] - [14/07/2009 10:59:17] - 6428 | C:\windows\system32\DllHost.exe (.Microsoft Corporation - COM Surrogate.) - (6.1.7600.16385) -> C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} [9728 Ko]
[MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - [14/07/2009 10:19:49] - 5556 | C:\windows\system32\csrss.exe (.Microsoft Corporation - Processus d'exécution client-serveur.) - (6.1.7600.16385) -> %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 [7680 Ko]
[MD5.8ACDF26E44D108653FE638ABDF5BB043] - [21/11/2010 14:24:29] - 5468 | C:\windows\system32\winlogon.exe (.Microsoft Corporation - Application d'ouverture de session Windows.) - (6.1.7601.17514) -> winlogon.exe [390656 Ko]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - [14/07/2009 10:41:43] - 6556 | C:\windows\SysWOW64\rundll32.exe (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (6.1.7600.16385) -> "C:\windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait [44544 Ko]
[MD5.F162D5F5E845B9DC352DD1BAD8CEF1BC] - [14/07/2009 10:37:38] - 6264 | C:\windows\system32\Dwm.exe (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.1.7600.16385) -> "C:\windows\system32\Dwm.exe" [120320 Ko]
[MD5.0D6BB8B1F81231F9264F6B4979BD900F] - [14/02/2012 11:23:08] - 4420 | C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (.TOSHIBA Corporation - TOSHIBA Flash Cards Main Module.) - (1.0.16.64) -> "C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe" [989056 Ko]
[MD5.22080A583FC60ECB1DB1B0B46B32225A] - [28/09/2012 13:02:34] - 1960 | C:\Users\utilisateur\Desktop\winlogon.exe (. - g3n-h@ckm@n.) - (2.0.9.28) -> "C:\Users\utilisateur\Desktop\winlogon.exe" [1769339 Ko]
[MD5.5334C75D014A4DDD257019EDCEA9985F] - [03/02/2012 16:29:52] - 5780 | C:\Program Files\Intel\iCLS Client\HeciServer.exe (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.23.605.1) -> "C:\Program Files\Intel\iCLS Client\HeciServer.exe" [628448 Ko]
[MD5.A5BA8710E3C5A7563C359F364974F2ED] - [31/07/2012 04:05:59] - 1460 | C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (.TeamViewer GmbH - TeamViewer Remote Control Application.) - (7.0.12313.0) -> "C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe" [2984832 Ko]
[MD5.5D63FBE874CEE3C61C68536A1CD7282B] - [29/03/2011 15:11:06] - 2164 | C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4232.0) -> "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [2292096 Ko]
[MD5.2E74E62AC54210033BAE40AFEB98380A] - [08/05/2012 17:24:40] - 2868 | C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (.Intel Corporation - Local Manageability Service.) - (8.0.3.1427) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe" [277784 Ko]
[MD5.DA564DA7ED156AD4B3FC76853A6D2978] - [29/03/2011 15:11:06] - 3860 | C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) - (7.250.4232.0) -> WLIDSvcM.exe 2164 [223104 Ko]
[MD5.E72CC771FFB4DA5995D422DAB718AAC6] - [21/11/2010 14:25:05] - 5252 | C:\Program Files\Windows Media Player\wmpnetwk.exe (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) -> "C:\Program Files\Windows Media Player\wmpnetwk.exe" [1525248 Ko]
[MD5.EB26CE28CA682D39D0CBFEA6FE28E12D] - [15/03/2012 14:23:10] - 2300 | C:\windows\system32\SearchIndexer.exe (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.17610) -> C:\windows\system32\SearchIndexer.exe /Embedding [591872 Ko]
[MD5.81FC8AC5503F4150BE8F7DD7176E39D0] - [15/03/2012 14:23:10] - 2728 | C:\windows\system32\SearchProtocolHost.exe (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.7601.17610) -> "C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" [249856 Ko]
[MD5.49A3AD5CE578CD77F445F3D244AEAB2D] - [15/03/2012 14:23:10] - 2800 | C:\windows\system32\SearchFilterHost.exe (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.7601.17610) -> "C:\windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544 [113664 Ko]
[MD5.3FE7C2DA248A3F03604D2A6570C479A4] - [20/08/2012 07:43:30] - 2992 | C:\windows\System32\spoolsv.exe (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17777) -> C:\windows\System32\spoolsv.exe [559104 Ko]
[MD5.F401929EE0CC92BFE7F15161CA535383] - [24/05/2012 13:28:56] - 5016 | C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (.Apple Inc. - MobileDeviceService.) - (17.89.0.42) -> "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [55184 Ko]
[MD5.01409727EBD44EFF7ADDB3B68A0F2958] - [20/08/2012 09:01:34] - 3248 | C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (.McAfee, Inc. - McAfee Service Host.) - (2.6.195.0) -> "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [200728 Ko]
[MD5.3103F4837CA74D8E4C7BC429CD074002] - [20/08/2012 09:01:53] - 7112 | c:\PROGRA~1\mcafee.com\agent\mcagent.exe (.McAfee, Inc. - McAfee Security Center.) - (11.6.385.0) -> "c:\PROGRA~1\mcafee.com\agent\mcagent.exe" -Embedding [1527896 Ko]

¤¤¤¤¤¤¤¤¤¤ | Winlogon

¤

[HKLM | Winlogon]|[Shell] : explorer.exe
[HKLM64 | Winlogon]|[Shell] : explorer.exe
[HKLM | Winlogon]|[AutoRestartShell] : -> 0
[HKLM64 | Winlogon]|[AutoRestartShell] : 1 -> 0
[HKLM | Winlogon]|[userinit] : userinit.exe -> C:\windows\SysWOW64\userinit.exe,
[HKLM64 | Winlogon]|[userinit] : C:\Windows\system32\userinit.exe,
[HKLM | Winlogon]|[PowerDownAfterShutdown] : -> 1
[HKLM64 | Winlogon]|[PowerDownAfterShutdown] : 0 -> 1
[HKLM | Winlogon]|[System] :
[HKLM64 | Winlogon]|[System] :

¤¤¤¤¤¤¤¤¤¤ | Associations

[.exe] : exefile
[exefile | command] : "%1" %*
[.com] : comfile
[comfile | command] : "%1" %*
[.reg] : regfile
[regfile | command] : regedit.exe "%1"
[.scr] : scrfile
[scrfile | command] : "%1" /S
[.bat] : batfile
[batfile | command] : "%1" %*
[.cmd] : cmdfile
[cmdfile | command] : "%1" %*
[.pif] : piffile
[piffile | command] : "%1" %*
[.url] : InternetShortcut
[InternetShortcut | command] : "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l
[Application.Manifest | command] : rundll32.exe dfshim.dll,ShOpenVerbApplication %1
[Application.Reference | command] : rundll32.exe dfshim.dll,ShOpenVerbShortcut %1|%2
[Folder | command] : %SystemRoot%\Explorer.exe -> C:\windows\explorer.exe

¤

[IE | Command] | @ : C:\Program Files (x86)\Internet Explorer\iexplore.exe -> "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
[IE64 | Command] | @ : "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
[Applications | IE | Command] | @ : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1
[Chrome | Command] | @ : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -> "C:\Users\utilisateur\AppData\Local\Google\Chrome\Application\Chrome.exe"
[Chrome64 | Command] | @ : "C:\Users\utilisateur\AppData\Local\Google\Chrome\Application\Chrome.exe"
[Assoc | Applications] | @ : http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s -> http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s
[Assoc64 | Applications] | @ : http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s -> http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s

¤¤¤¤¤¤¤¤¤¤ | Corrections diverses

[HKLM | Advanced\Folder\Hidden\SHOWALL]|[CheckedValue] : 1
[HKLM64 | Advanced\Folder\Hidden\SHOWALL]|[CheckedValue] : 1
[HKLM | CurrentVersion\Explorer]|[AlwaysUnloadDll] : -> 1
[HKLM64 | CurrentVersion\Explorer]|[AlwaysUnloadDll] : -> 1
[HKU\S-1-5-21-1415005117-1820878988-2034386346-1001 | Desktop]|[Wallpaper] : C:\Users\utilisateur\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
[HKU\S-1-5-18 | Desktop]|[Wallpaper] : C:\Windows\System32\oobe\info\backgrounds\BackgroundDefault.jpg
[HKU64\S-1-5-21-1415005117-1820878988-2034386346-1001 | Desktop]|[Wallpaper] : C:\Users\utilisateur\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
[HKU64\S-1-5-18 | Desktop]|[Wallpaper] : C:\Windows\System32\oobe\info\backgrounds\BackgroundDefault.jpg
[HKU\S-1-5-19 | Explorer\Advanced]|[Hidden] : -> 0
[HKU\S-1-5-20 | Explorer\Advanced]|[Hidden] : -> 0
[HKU\S-1-5-21-1415005117-1820878988-2034386346-1001 | Explorer\Advanced]|[Hidden] : 1 -> 0
[HKU\S-1-5-21-1415005117-1820878988-2034386346-1001_Classes | Explorer\Advanced]|[Hidden] : -> 0
[HKU\S-1-5-18 | Explorer\Advanced]|[Hidden] : -> 0
[HKU64\S-1-5-19 | Explorer\Advanced]|[Hidden] : 0
[HKU64\S-1-5-20 | Explorer\Advanced]|[Hidden] : 0
[HKU64\S-1-5-21-1415005117-1820878988-2034386346-1001 | Explorer\Advanced]|[Hidden] : 0
[HKU64\S-1-5-21-1415005117-1820878988-2034386346-1001_Classes | Explorer\Advanced]|[Hidden] : 0
[HKU64\S-1-5-18 | Explorer\Advanced]|[Hidden] : 0
[HKU\S-1-5-21-1415005117-1820878988-2034386346-1001 | Policies\Explorer]|[NoDriveTypeAutoRun] : 145
[HKU64\S-1-5-21-1415005117-1820878988-2034386346-1001 | Policies\Explorer]|[NoDriveTypeAutoRun] : 145
[HKLM | Control\SafeBoot]|[AlternateShell] : cmd.exe
[HKU\S-1-5-21-1415005117-1820878988-2034386346-1001 | Policies\System]|[{59031a47-3f72-44a7-89c5-5595fe6b30ee}] : 0
[HKU64\S-1-5-21-1415005117-1820878988-2034386346-1001 | Policies\System]|[{59031a47-3f72-44a7-89c5-5595fe6b30ee}] : 0
[HKU\S-1-5-21-1415005117-1820878988-2034386346-1001 | Policies\System]|[{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}] : 0
[HKU64\S-1-5-21-1415005117-1820878988-2034386346-1001 | Policies\System]|[{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{9343812e-1c37-4a49-a12e-4b2d810d956b}] : 1 -> 0
[HKLM64 | HideDesktopIcons\NewStartPanel]|[{9343812e-1c37-4a49-a12e-4b2d810d956b}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}] : 1 -> 0
[HKLM64 | HideDesktopIcons\NewStartPanel]|[{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{20D04FE0-3AEA-1069-A2D8-08002B30309D}] : 1 -> 0
[HKLM64 | HideDesktopIcons\NewStartPanel]|[{20D04FE0-3AEA-1069-A2D8-08002B30309D}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{208D2C60-3AEA-1069-A2D7-08002B30309D}] : 1 -> 0
[HKLM64 | HideDesktopIcons\NewStartPanel]|[{208D2C60-3AEA-1069-A2D7-08002B30309D}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{871C5380-42A0-1069-A2EA-08002B30309D}] : 1 -> 0
[HKLM64 | HideDesktopIcons\NewStartPanel]|[{871C5380-42A0-1069-A2EA-08002B30309D}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}] : 1 -> 0
[HKLM64 | HideDesktopIcons\NewStartPanel]|[{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}] : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{59031a47-3f72-44a7-89c5-5595fe6b30ee}] : 1 -> 0
[HKLM64 | HideDesktopIcons\NewStartPanel]|[{59031a47-3f72-44a7-89c5-5595fe6b30ee}] : 1 -> 0
[HKLM | Policies\Explorer]|[NoActiveDesktop] : 1 -> 0
[HKLM64 | Policies\Explorer]|[NoActiveDesktop] : 0
[HKLM | Policies\Explorer]|[NoActiveDesktopChanges] : 1 -> 0
[HKLM64 | Policies\Explorer]|[NoActiveDesktopChanges] : 0

14:56:22

¤¤¤¤¤¤¤¤¤¤ | SafeBoot | Control | Repair

[HKLM | Safeboot] -> OK
[HKLM | Safeboot\Minimal] -> OK
[HKLM | Safeboot\Network] -> OK

¤

[HKLM | Minimal\Base] : Driver Group -> OK
[HKLM | Minimal\Boot Bus Extender] : Driver Group -> OK
[HKLM | Minimal\Boot file system] : Driver Group -> OK
[HKLM | Minimal\File system] : Driver Group -> OK
[HKLM | Minimal\Filter] : Driver Group -> OK
[HKLM | Minimal\PCI Configuration] : Driver Group -> OK
[HKLM | Minimal\PNP Filter] : Driver Group -> OK
[HKLM | Minimal\Primary disk] : Driver Group -> OK
[HKLM | Minimal\SCSI Class] : Driver Group -> OK
[HKLM | Minimal\System Bus Extender] : Driver Group -> OK
[HKLM | Minimal\AppMgmt] : Service -> OK
[HKLM | Minimal\CryptSvc] : Service -> OK
[HKLM | Minimal\DcomLaunch] : Service -> OK
[HKLM | Minimal\dmadmin] : -> Service
[HKLM | Minimal\dmserver] : -> Service
[HKLM | Minimal\EventLog] : Service -> OK
[HKLM | Minimal\HelpSvc] : Service -> OK
[HKLM | Minimal\Netlogon] : Service -> OK
[HKLM | Minimal\PlugPlay] : Service -> OK
[HKLM | Minimal\RpcSs] : Service -> OK
[HKLM | Minimal\SRService] : -> Service
[HKLM | Minimal\vds] : Service -> OK
[HKLM | Minimal\WinMgmt] : Service -> OK
[HKLM | Minimal\dmboot.sys] : -> Driver
[HKLM | Minimal\dmio.sys] : -> Driver
[HKLM | Minimal\dmload.sys] : -> Driver
[HKLM | Minimal\sermouse.sys] : Driver -> OK
[HKLM | Minimal\vga.sys] : Driver -> OK
[HKLM | Minimal\vgasave.sys] : Driver -> OK
[HKLM | Minimal\sr.sys] : -> FSFilter System Recovery
[HKLM | Minimal\{36FC9E60-C465-11CF-8056-444553540000}] : Universal Serial Bus controllers -> OK
[HKLM | Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] : CD-ROM Drive -> OK
[HKLM | Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] : DiskDrive -> OK
[HKLM | Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] : Standard floppy disk controller -> OK
[HKLM | Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : Hdc -> OK
[HKLM | Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : Keyboard -> OK
[HKLM | Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : Mouse -> OK
[HKLM | Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] : PCMCIA Adapters -> OK
[HKLM | Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : SCSIAdapter -> OK
[HKLM | Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : System -> OK
[HKLM | Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] : Floppy disk drive -> OK
[HKLM | Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : Volume shadow copy -> OK
[HKLM | Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : Volume -> OK
[HKLM | Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : Human Interface Devices -> OK

¤

[HKLM | Network\Base] : Driver Group -> OK
[HKLM | Network\Boot Bus Extender] : Driver Group -> OK
[HKLM | Network\Boot file system] : Driver Group -> OK
[HKLM | Network\File system] : Driver Group -> OK
[HKLM | Network\Filter] : Driver Group -> OK
[HKLM | Network\NDIS] : Driver Group -> OK
[HKLM | Network\NDIS Wrapper] : Driver Group -> OK
[HKLM | Network\NetBIOSGroup] : Driver Group -> OK
[HKLM | Network\NetDDEGroup] : Driver Group -> OK
[HKLM | Network\Network] : Driver Group -> OK
[HKLM | Network\NetworkProvider] : Driver Group -> OK
[HKLM | Network\PCI Configuration] : Driver Group -> OK
[HKLM | Network\PNP Filter] : Driver Group -> OK
[HKLM | Network\PNP_TDI] : Driver Group -> OK
[HKLM | Network\Primary disk] : Driver Group -> OK
[HKLM | Network\SCSI Class] : Driver Group -> OK
[HKLM | Network\Streams Drivers] : Driver Group -> OK
[HKLM | Network\System Bus Extender] : Driver Group -> OK
[HKLM | Network\TDI] : Driver Group -> OK
[HKLM | Network\AFD] : Service -> OK
[HKLM | Network\AppMgmt] : Service -> OK
[HKLM | Network\Browser] : Service -> OK
[HKLM | Network\CryptSvc] : Service -> OK
[HKLM | Network\DcomLaunch] : Service -> OK
[HKLM | Network\Dhcp] : Service -> OK
[HKLM | Network\dmadmin] : -> Service
[HKLM | Network\dmserver] : -> Service
[HKLM | Network\DnsCache] : Service -> OK
[HKLM | Network\EventLog] : Service -> OK
[HKLM | Network\HelpSvc] : Service -> OK
[HKLM | Network\LanmanServer] : Service -> OK
[HKLM | Network\LanmanWorkstation] : Service -> OK
[HKLM | Network\LmHosts] : Service -> OK
[HKLM | Network\Messenger] : Service -> OK
[HKLM | Network\Ndisuio] : Service -> OK
[HKLM | Network\NetBIOS] : Service -> OK
[HKLM | Network\NetBT] : Service -> OK
[HKLM | Network\Netlogon] : Service -> OK
[HKLM | Network\NetMan] : Service -> OK
[HKLM | Network\NtLmSsp] : -> Service
[HKLM | Network\PlugPlay] : Service -> OK
[HKLM | Network\rdsessmgr] : Service -> OK
[HKLM | Network\RpcSs] : Service -> OK
[HKLM | Network\sharedaccess] : Service -> OK
[HKLM | Network\SRService] : -> Service
[HKLM | Network\Tcpip] : Service -> OK
[HKLM | Network\termservice] : -> Service
[HKLM | Network\vds] : Service -> OK
[HKLM | Network\WinMgmt] : Service -> OK
[HKLM | Network\Wlansvc] : Service -> OK
[HKLM | Network\dmboot.sys] : -> Driver
[HKLM | Network\dmio.sys] : -> Driver
[HKLM | Network\dmload.sys] : -> Driver
[HKLM | Network\ipnat.sys] : Driver -> OK
[HKLM | Network\ip6fw.sys] : -> Driver
[HKLM | Network\rdpcdd.sys] : -> Driver
[HKLM | Network\sr.sys] : -> FSFilter System Recovery
[HKLM | Network\{36FC9E60-C465-11CF-8056-444553540000}] : Universal Serial Bus controllers -> OK
[HKLM | Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] : CD-ROM Drive -> OK
[HKLM | Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] : DiskDrive -> OK
[HKLM | Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] : Standard floppy disk controller -> OK
[HKLM | Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : Hdc -> OK
[HKLM | Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : Keyboard -> OK
[HKLM | Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : Mouse -> OK
[HKLM | Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] : Net -> OK
[HKLM | Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] : NetClient -> OK
[HKLM | Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] : NetService -> OK
[HKLM | Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] : NetTrans -> OK
[HKLM | Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] : PCMCIA Adapters -> OK
[HKLM | Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : SCSIAdapter -> OK
[HKLM | Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : System -> OK
[HKLM | Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] : Floppy disk drive -> OK
[HKLM | Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : Volume -> OK
[HKLM | Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : Human Interface Devices -> OK

¤¤¤¤¤¤¤¤¤¤ | IFEO

¤¤¤¤¤¤¤¤¤¤ | Mountpoints2

¤¤¤¤¤¤¤¤¤¤ | Windows

[HKLM | Session Manager\SubSystems]|[Windows] : winsrv : %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[AppInit_DLLS] : C:\windows\SysWOW64\nvinit.dll
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[AppInit_DLLS] : C:\windows\system32\nvinitx.dll
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 1
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 1

¤¤¤¤¤¤¤¤¤¤ | Security Center

[HKLM64 | Security Center\svc]|[AntispywareOverride] : 0
[HKLM64 | Security Center\svc]|[AntiVirusOverride] : 0
[HKLM64 | Security Center\svc]|[FirewallOverride] : 0

[HKLM | FirewallPolicy\DomainProfile]|[DisableNotifications] : 0
[HKLM | FirewallPolicy\StandardProfile]|[DisableNotifications] : 0

¤¤¤¤¤¤¤¤¤¤ | Services Corrections

[Compbatt] : 0 : Actif
[RPCSS] : 2 : Actif
[Power] : 2 : Actif
[Profsvc] : 2 : Actif
[PlugPlay] : 2 : Actif
[PEAUTH] : 2 : Actif
[NVSvc] : 2 : Inactif
[nsi] : 2 : Actif
[NLASvc] : 2 : Actif
[MPSsvc] : 2 : Actif
[MMCSS] : 2 : Actif
[luafv] : 2 : Actif
[lltdio] : 2 : Actif
[Iphlpsvc] : 2 : Actif
[IKEEXT] : 2 : Actif
[gpsvc] : 2 : Actif
[lmhosts] : 2 : Actif
[LanmanWorkstation] : 2 : Actif
[LanmanServer] : 2 : Actif
[agp440] : 3 -> 2 : Inactif
[AudioEndpointBuilder] : 2 : Actif
[Audiosrv] : 2 : Actif
[BFE] : 2 : Actif
[Bits] : 2 : Actif
[CryptSvc] : 2 : Actif
[EapHost] : 3 -> 2 : Actif
[Wlansvc] : 2 : Actif
[SppSvc] : 2 : Actif
[SharedAccess] : 3 -> 2 : Inactif
[windefend] : 3 -> 2 : Inactif
[winmgmt] : 2 : Actif
[wuauserv] : 2 : Actif
[wudfsvc] : 2 : Actif
[WerSvc] : 3 -> 2 : Inactif
[wscsvc] : 2 : Actif
[Cmbatt] : 3 : Actif
[Ndisuio] : 3 : Actif
[Wwansvc] : 3 : Inactif

14:56:25

¤¤¤¤¤¤¤¤¤¤ | Internet Explorer

[HKU\S-1-5-21-1415005117-1820878988-2034386346-1001 | Main]|[Start Page] : https://www.google.com/webhp?gws_rd=ssl -> https://www.google.com/?gws_rd=ssl
[HKU64\S-1-5-21-1415005117-1820878988-2034386346-1001 | Main]|[Start Page] : https://www.google.com/?gws_rd=ssl
[HKU\S-1-5-21-1415005117-1820878988-2034386346-1001 | Main]|[Local Page] : C:\windows\system32\blank.htm
[HKU64\S-1-5-21-1415005117-1820878988-2034386346-1001 | Main]|[Local Page] : C:\windows\system32\blank.htm
[HKU\S-1-5-21-1415005117-1820878988-2034386346-1001 | Main]|[Search Page] : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
[HKU64\S-1-5-21-1415005117-1820878988-2034386346-1001 | Main]|[Search Page] : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

[HKLM | Search]|[SearchAssistant] : -> http://www.google.com/toolbar/ie8/sidebar.html
[HKLM | Main]|[Start Page] : https://www.msn.com/fr-fr/?ocid=iehp
[HKLM64 | Main]|[Start Page] : https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main]|[Local Page] : C:\Windows\SysWOW64\blank.htm
[HKLM64 | Main]|[Local Page] : C:\Windows\System32\blank.htm -> C:\windows\System32\blank.htm
[HKLM | Main]|[Default_Search_URL] : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
[HKLM64 | Main]|[Default_Search_URL] : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
[HKLM | Main]|[Default_Page_URL] : https://www.msn.com/fr-fr/?ocid=iehp
[HKLM64 | Main]|[Default_Page_URL] : https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main]|[Search Page] : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
[HKLM64 | Main]|[Search Page] : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
[HKLM | AboutURLs]|[Tabs] : -> res://ieframe.dll/tabswelcome.htm

¤

[HKU\S-1-5-21-1415005117-1820878988-2034386346-1001 | Internet settings]|[ProxyOverride] : *.local
[HKU64\S-1-5-21-1415005117-1820878988-2034386346-1001 | Internet settings]|[ProxyOverride] : *.local
[HKU\S-1-5-19 | Internet settings]|[EnableHttp1_1] : 1
[HKU\S-1-5-20 | Internet settings]|[EnableHttp1_1] : 1
[HKU\S-1-5-21-1415005117-1820878988-2034386346-1001 | Internet settings]|[EnableHttp1_1] : 1
[HKU64\S-1-5-19 | Internet settings]|[EnableHttp1_1] : 1
[HKU64\S-1-5-20 | Internet settings]|[EnableHttp1_1] : 1
[HKU64\S-1-5-21-1415005117-1820878988-2034386346-1001 | Internet settings]|[EnableHttp1_1] : 1
[HKU\S-1-5-21-1415005117-1820878988-2034386346-1001 | Internet settings]|[MigrateProxy] : 1
[HKU64\S-1-5-21-1415005117-1820878988-2034386346-1001 | Internet settings]|[MigrateProxy] : 1
[HKU\S-1-5-19 | Internet settings]|[AutoConfigProxy] : wininet.dll
[HKU\S-1-5-20 | Internet settings]|[AutoConfigProxy] : wininet.dll
[HKU\S-1-5-21-1415005117-1820878988-2034386346-1001 | Internet settings]|[AutoConfigProxy] : wininet.dll
[HKU64\S-1-5-19 | Internet settings]|[AutoConfigProxy] : wininet.dll
[HKU64\S-1-5-20 | Internet settings]|[AutoConfigProxy] : wininet.dll
[HKU64\S-1-5-21-1415005117-1820878988-2034386346-1001 | Internet settings]|[AutoConfigProxy] : wininet.dll

¤¤¤¤¤¤¤¤¤¤ | DNS

[HKLM\SYSTEM\CCS | Tcpip\Parameters]|[DhcpNameServer] : 192.168.2.1
[HKLM\SYSTEM\ControlSet001 | Interfaces\{A01CDB5D-7B89-4F91-AB71-8F0B692F5DA5}]|[DhcpNameServer] : 192.168.2.1
[HKLM\SYSTEM\ControlSet002 | Interfaces\{A01CDB5D-7B89-4F91-AB71-8F0B692F5DA5}]|[DhcpNameServer] : 192.168.2.1
[HKLM\SYSTEM\CurrentControlSet | Interfaces\{A01CDB5D-7B89-4F91-AB71-8F0B692F5DA5}]|[DhcpNameServer] : 192.168.2.1

¤¤¤¤¤¤¤¤¤¤ | Hosts

C:\windows\System32\Drivers\etc\hosts : Cleaned :)

¤¤¤¤¤¤¤¤¤¤ | Files | Folders | Registry

Deleted : [HKLM64\Software\SOFTWARE]

Quarantined and deleted Successfully : C:\Users\UTILIS~1\AppData\Local\Temp\08182030-00000e9c-tlnne2e95v\tmpC074.tmp
Quarantined and deleted Successfully : C:\Users\UTILIS~1\AppData\Local\Temp\AdobeARM.log
Quarantined and deleted Successfully : C:\Users\UTILIS~1\AppData\Local\Temp\MCCLEANUP.5.0.285.4_DMPackage_en-US_Release\mccleanup.exe
Quarantined and deleted Successfully : C:\Users\UTILIS~1\AppData\Local\Temp\MCCLEANUP.5.0.285.4_DMPackage_en-US_Release\McClnUI.exe
Impossible to move : C:\Users\UTILIS~1\AppData\Local\Temp\~DFC3414DA01416FBD3.TMP
Quarantined and deleted Successfully : C:\windows\Temp\chrome_installer.log
Quarantined and deleted Successfully : C:\windows\Temp\CR_AF2E0.tmp
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120818-155657-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120818-200347-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120818-203352-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120818-222425-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120818-230146-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120819-001413-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120819-092311-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120819-135756-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120819-152511-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120819-165759-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120819-172611-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120819-181244-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120819-190023-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120820-073131-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120820-082043-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120820-083847-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120820-084727-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120820-145423-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120820-170332-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120820-193859-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120821-172002-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120821-193720-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120821-195401-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120822-135353-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120822-183048-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120823-171859-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120824-122002-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120824-134929-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120824-144136-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120824-181041-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120824-211900-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120825-073533-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120826-180559-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120827-181146-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120827-193911-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120828-072253-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120828-150027-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120828-185840-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120829-130553-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120829-153927-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120830-171300-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120831-181534-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120901-051430-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120901-101119-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120901-102122-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120902-181312-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120902-202329-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120903-163936-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120903-200410-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120904-073830-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120904-093545-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120904-165658-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120904-201347-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120905-072516-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120905-173106-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120905-200555-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120905-210522-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120906-074233-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120906-151155-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120906-161212-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120906-194004-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120906-202527-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120907-075105-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120907-114008-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120907-132623-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120907-171446-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120907-190226-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120907-201941-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120907-203820-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120908-133440-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120908-142032-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120908-193047-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120908-215150-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120909-150016-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120909-200126-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120910-073331-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120910-134126-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120910-164543-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120910-191832-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120910-203827-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120911-075419-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120911-114158-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120911-175433-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120911-231054-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120914-165544-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120914-202846-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120915-132647-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120915-164814-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120915-205252-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120916-125908-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120916-164801-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120918-130108-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120918-174947-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120919-134256-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120920-171750-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120921-205215-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120922-123614-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120922-204152-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120923-152711-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120923-200324-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120924-073852-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120925-172016-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120925-173046-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120925-173646-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120925-181646-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120925-182008-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120925-183942-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120925-185924-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120926-135135-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120926-143640-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120926-152341-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120928-125417-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120928-135120-0.log
Quarantined and deleted Successfully : C:\windows\Temp\lpksetup-20120928-144811-0.log
Quarantined and deleted Successfully : C:\windows\Temp\mcertfix.log
Quarantined and deleted Successfully : C:\windows\Temp\MpCmdRun.log
Quarantined and deleted Successfully : C:\windows\Temp\Silverlight0.log
Quarantined and deleted Successfully : C:\windows\Temp\SilverlightMSI.log
Quarantined and deleted Successfully : C:\windows\Temp\TS_83FE.tmp
Quarantined and deleted Successfully : C:\windows\Temp\WER1A93.tmp.appcompat.txt
Quarantined and deleted Successfully : C:\windows\Temp\WER22CE.tmp.WERInternalMetadata.xml
Quarantined and deleted Successfully : C:\windows\Temp\WER22CF.tmp.hdmp
Quarantined and deleted Successfully : C:\windows\Temp\WERADDC.tmp.appcompat.txt
Quarantined and deleted Successfully : C:\windows\Temp\wrapper-3804-20120820-084742.log
Quarantined and deleted Successfully : C:\windows\Temp\wrapper-4588-20120818-230216.log
Quarantined and deleted Successfully : C:\Users\utilisateur\agent.log
Quarantined and deleted Successfully : C:\Users\utilisateur\Downloads\McAfeeSetup.exe
Deleted : [HKLM | Run]|[mcui_exe] : "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
Impossible to move : C:\Program Files\McAfee.com

15:13:30

Quarantined and deleted Successfully : C:\Users\Public\Desktop\McAfee Total Protection.lnk
Deleted : C:\windows\Temp\CR_AF2E0.tmp
Quarantined and deleted Successfully : C:\Users\utilisateur\AppData\Local\temporary internet files\Content.IE5\KAVGTCPV\iTunes64Setup[1].exe
Quarantined and deleted successfully : C:\windows\Prefetch\ADOBEARM.EXE-7105D3A2.pf
Quarantined and deleted successfully : C:\windows\Prefetch\APPLEMOBILEDEVICEHELPER.EXE-EDD411E2.pf
Quarantined and deleted successfully : C:\windows\Prefetch\APSDAEMON.EXE-4484BAA6.pf
Quarantined and deleted successfully : C:\windows\Prefetch\AS.EXE-73041DA0.pf
Quarantined and deleted successfully : C:\windows\Prefetch\ATBROKER.EXE-2E15A492.pf
Quarantined and deleted successfully : C:\windows\Prefetch\AUDIODG.EXE-BDFD3029.pf
Quarantined and deleted successfully : C:\windows\Prefetch\BOOTSTRAP.EXE-6590A3BC.pf
Quarantined and deleted successfully : C:\windows\Prefetch\CALCULETTE.EXE-620F3A44.pf
Quarantined and deleted successfully : C:\windows\Prefetch\CB_CONSOLE_RUNNER.EXE-D82B1D66.pf
0
Réponse 13 / 47
Nugup Messages postés 44 Statut Membre
 
Quarantined and deleted successfully : C:\windows\Prefetch\CB_CONSOLE_RUNNER.EXE-D82B1D66.pf
Quarantined and deleted successfully : C:\windows\Prefetch\CC1.EXE-12C74598.pf
Quarantined and deleted successfully : C:\windows\Prefetch\CODEBLOCKS.EXE-50D0A09B.pf
Quarantined and deleted successfully : C:\windows\Prefetch\COLLECT2.EXE-6698B01D.pf
Quarantined and deleted successfully : C:\windows\Prefetch\COMUPDATUS.EXE-8D36D2F0.pf
Quarantined and deleted successfully : C:\windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf
Quarantined and deleted successfully : C:\windows\Prefetch\CRASHREPORTSENDER.EXE-5961FD94.pf
Quarantined and deleted successfully : C:\windows\Prefetch\CSC.EXE-BE9AC2DF.pf
Quarantined and deleted successfully : C:\windows\Prefetch\CVTRES.EXE-2B9D810D.pf
Quarantined and deleted successfully : C:\windows\Prefetch\DAEMONU.EXE-79EAD54C.pf
Quarantined and deleted successfully : C:\windows\Prefetch\DEFRAG.EXE-588F90AD.pf
Quarantined and deleted successfully : C:\windows\Prefetch\DISTNOTED.EXE-9671246C.pf
Quarantined and deleted successfully : C:\windows\Prefetch\DLLHOST.EXE-0C6AD872.pf
Quarantined and deleted successfully : C:\windows\Prefetch\DLLHOST.EXE-7D7EBC64.pf
Quarantined and deleted successfully : C:\windows\Prefetch\DLLHOST.EXE-CC4B96AE.pf
Quarantined and deleted successfully : C:\windows\Prefetch\DLLHOST.EXE-D6E483ED.pf
Quarantined and deleted successfully : C:\windows\Prefetch\DLLHOST.EXE-F44E39AD.pf
Quarantined and deleted successfully : C:\windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-216D9C35.pf
Quarantined and deleted successfully : C:\windows\Prefetch\GOOGLEUPDATE.EXE-B95715F5.pf
Quarantined and deleted successfully : C:\windows\Prefetch\HKCMD.EXE-AE1DFF3B.pf
Quarantined and deleted successfully : C:\windows\Prefetch\HWUPDCHK.EXE-17789F96.pf
Quarantined and deleted successfully : C:\windows\Prefetch\IGFXEXT.EXE-D5F523DB.pf
Quarantined and deleted successfully : C:\windows\Prefetch\IGFXSRVC.EXE-96A493A4.pf
Quarantined and deleted successfully : C:\windows\Prefetch\IGFXTRAY.EXE-C444237E.pf
Quarantined and deleted successfully : C:\windows\Prefetch\IPODSERVICE.EXE-37C43D64.pf
Quarantined and deleted successfully : C:\windows\Prefetch\ISMAGENT.EXE-A1F32AF6.pf
Quarantined and deleted successfully : C:\windows\Prefetch\ITUNES.EXE-6E101229.pf
Quarantined and deleted successfully : C:\windows\Prefetch\ITUNESHELPER.EXE-010C3851.pf
Quarantined and deleted successfully : C:\windows\Prefetch\LD.EXE-ACE90D74.pf
Quarantined and deleted successfully : C:\windows\Prefetch\LMS.EXE-8C70F87D.pf
Quarantined and deleted successfully : C:\windows\Prefetch\LOGONUI.EXE-09140401.pf
Quarantined and deleted successfully : C:\windows\Prefetch\LPKSETUP.EXE-90F505D8.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MCAGENT.EXE-414BDE46.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MCHOST.EXE-7C07A572.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MCINFO.EXE-73BBFA2D.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MCINSTRU.EXE-5D74CB87.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MCINSUPD.EXE-28DD6734.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MCOCROLLBACK.EXE-C2E56CCF.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MCODS.EXE-8D46D95B.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MCSMTFWK.EXE-047F7B2C.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MCSVRCNT.EXE-9D546F81.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MCSYNC.EXE-94E92097.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MCSYNC.EXE-A4B62562.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MCUICNT.EXE-DF90E34C.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MCUICNT.EXE-E0ABB155.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MCUIHOST.EXE-35D01185.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MCUPDATE.EXE-3BDA89ED.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MCUPDATE.EXE-55CCA9E2.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MCUPDMGR.EXE-D515E3C4.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MCVSMAP.EXE-AC93DF0C.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MFEFIRE.EXE-70CF7703.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MINGW32-G++.EXE-4B1FD1CA.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MINGW32-GCC.EXE-9DE3EBFA.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MOBKBACKUP.EXE-233418B0.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MSCORSVW.EXE-57D17DAF.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf
Quarantined and deleted successfully : C:\windows\Prefetch\MUMBLE.EXE-5D7B72ED.pf
Quarantined and deleted successfully : C:\windows\Prefetch\NASVC.EXE-B158719F.pf
Quarantined and deleted successfully : C:\windows\Prefetch\NVTRAY.EXE-DB83881B.pf
Quarantined and deleted successfully : C:\windows\Prefetch\ONENOTEM.EXE-DC53F865.pf
Quarantined and deleted successfully : C:\windows\Prefetch\QCSHM.EXE-12ED2E03.pf
Quarantined and deleted successfully : C:\windows\Prefetch\QCSHM.EXE-A644EB40.pf
Quarantined and deleted successfully : C:\windows\Prefetch\RAVCPL64.EXE-D6B4B613.pf
Quarantined and deleted successfully : C:\windows\Prefetch\READER_SL.EXE-B1C62096.pf
Quarantined and deleted successfully : C:\windows\Prefetch\RUNDLL32.EXE-0A411499.pf
Quarantined and deleted successfully : C:\windows\Prefetch\RUNDLL32.EXE-0E6BEA3F.pf
Quarantined and deleted successfully : C:\windows\Prefetch\RUNDLL32.EXE-17A8777D.pf
Quarantined and deleted successfully : C:\windows\Prefetch\RUNDLL32.EXE-2EE46A2D.pf
Quarantined and deleted successfully : C:\windows\Prefetch\RUNDLL32.EXE-5B3E6BB2.pf
Quarantined and deleted successfully : C:\windows\Prefetch\RUNDLL32.EXE-C6F34559.pf
Quarantined and deleted successfully : C:\windows\Prefetch\RUNDLL32.EXE-C775D18D.pf
Quarantined and deleted successfully : C:\windows\Prefetch\RUNONCE.EXE-0E293DD6.pf
Quarantined and deleted successfully : C:\windows\Prefetch\SAUPD.EXE-1E90320D.pf
Quarantined and deleted successfully : C:\windows\Prefetch\SAUPD.EXE-5AED0364.pf
Quarantined and deleted successfully : C:\windows\Prefetch\SC.EXE-945D79AE.pf
Quarantined and deleted successfully : C:\windows\Prefetch\SDCLT.EXE-E10B972A.pf
Quarantined and deleted successfully : C:\windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf
Quarantined and deleted successfully : C:\windows\Prefetch\SEARCHINDEXER.EXE-4A6353B9.pf
Quarantined and deleted successfully : C:\windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf
Quarantined and deleted successfully : C:\windows\Prefetch\SIDEBAR.EXE-FA75EA61.pf
Quarantined and deleted successfully : C:\windows\Prefetch\SKYPE.EXE-E71BF59F.pf
Quarantined and deleted successfully : C:\windows\Prefetch\SPLWOW64.EXE-297C4568.pf
Quarantined and deleted successfully : C:\windows\Prefetch\SPPSVC.EXE-B0F8131B.pf
Quarantined and deleted successfully : C:\windows\Prefetch\SVCHOST.EXE-1C37F0CA.pf
Quarantined and deleted successfully : C:\windows\Prefetch\SVCHOST.EXE-2DE8DAF4.pf
Quarantined and deleted successfully : C:\windows\Prefetch\SVCHOST.EXE-8049FA24.pf
Quarantined and deleted successfully : C:\windows\Prefetch\SVCHOST.EXE-DE976B47.pf
Quarantined and deleted successfully : C:\windows\Prefetch\SVCHOST.EXE-F80479F5.pf
Quarantined and deleted successfully : C:\windows\Prefetch\TASKENG.EXE-48D4E289.pf
Quarantined and deleted successfully : C:\windows\Prefetch\TASKHOST.EXE-7238F31D.pf
Quarantined and deleted successfully : C:\windows\Prefetch\TCRDKBB.EXE-BD533577.pf
Quarantined and deleted successfully : C:\windows\Prefetch\TCRDMAIN.EXE-3DBFB9C5.pf
Quarantined and deleted successfully : C:\windows\Prefetch\TECO.EXE-D194ABE2.pf
Quarantined and deleted successfully : C:\windows\Prefetch\TECOSERVICE.EXE-C4744937.pf
Quarantined and deleted successfully : C:\windows\Prefetch\THPSRV.EXE-C147AF7B.pf
Quarantined and deleted successfully : C:\windows\Prefetch\TMACHINFO.EXE-2FCB5A05.pf
Quarantined and deleted successfully : C:\windows\Prefetch\TOPI.EXE-139542E9.pf
Quarantined and deleted successfully : C:\windows\Prefetch\TOSHIBASERVICESTATION.EXE-92A6EAE9.pf
Quarantined and deleted successfully : C:\windows\Prefetch\TOSSENOTIFY.EXE-BC36C1CB.pf
Quarantined and deleted successfully : C:\windows\Prefetch\TOSSMARTSRV.EXE-BCFE7888.pf
Quarantined and deleted successfully : C:\windows\Prefetch\TOSWAITSRV.EXE-4901C686.pf
Quarantined and deleted successfully : C:\windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf
Quarantined and deleted successfully : C:\windows\Prefetch\UNS.EXE-E6E49771.pf
Quarantined and deleted successfully : C:\windows\Prefetch\UNSECAPP.EXE-A02905A6.pf
Quarantined and deleted successfully : C:\windows\Prefetch\VSSVC.EXE-B8AFC319.pf
Quarantined and deleted successfully : C:\windows\Prefetch\WERMGR.EXE-0F2AC88C.pf
Quarantined and deleted successfully : C:\windows\Prefetch\WINDOWSLIVEPHOTOVIEWER.EXE-F21874F1.pf
Quarantined and deleted successfully : C:\windows\Prefetch\WLCOMM.EXE-324C9362.pf
Quarantined and deleted successfully : C:\windows\Prefetch\WLIDSVCM.EXE-A6EF5B2F.pf
Quarantined and deleted successfully : C:\windows\Prefetch\WLMAIL.EXE-303CEB39.pf
Quarantined and deleted successfully : C:\windows\Prefetch\WLMERGER.EXE-C117DFA3.pf
Quarantined and deleted successfully : C:\windows\Prefetch\WLMERGER.EXE-FCCE27E8.pf
Quarantined and deleted successfully : C:\windows\Prefetch\WLXPHOTOGALLERY.EXE-F184FD87.pf
Quarantined and deleted successfully : C:\windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf
Quarantined and deleted successfully : C:\windows\Prefetch\WMIPRVSE.EXE-1628051C.pf
Quarantined and deleted successfully : C:\windows\Prefetch\WMPNETWK.EXE-D9F2A96F.pf
Quarantined and deleted successfully : C:\windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf
Quarantined and deleted successfully : C:\windows\Prefetch\WOW.EXE-CD73523A.pf

¤¤¤¤¤¤¤¤¤¤ | quarantined at reboot

Quarantined and deleted Successfully at Reboot : C:\Users\UTILIS~1\AppData\Local\Temp\~DFC3414DA01416FBD3.TMP
Not quarantined at Reboot : C:\Program Files\McAfee.com

¤¤¤¤¤

15:17:03

¤¤¤¤¤¤¤¤¤¤ | Listing Partition(s)

Disk: 0 Size=954G
Pos MBRndx Type/Name Size Active Hide Start Sector Sectors
--- ------ ---------- ---- ------ ---- ------------ ------------
0 0 27-UNKNWN 1.5G Yes No 2,048 3,072,000
1 1 07-NTFS 935G No No 3,074,048 915,119,616
2 2 17-NTFS 17G No Yes 918,193,664 35,330,048

¤¤¤¤¤¤¤¤¤¤ | MBR Control

64 bits Not supported by MBR.exe , Dump : C:\Pre_Scan\MBR.Bin

15:17:03

[HKLM | Winlogon] | AutoRestartShell : 0 -> 1
[HKLM64 | Winlogon] | AutoRestartShell : 0 -> 1

¤¤¤¤¤¤¤¤¤¤ | Hidden files

~ [Disque C:] Folders : 1 | Files : 0 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 1 | Files : 0
~ [ProgramFiles] Folders : 1 | Files : 9 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 1 | Files : 9
~ [Utilisateurs] Folders : 2 | Files : 0 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 2 | Files : 0
~ [Music] Folders : 0 | Files : 2 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 0 | Files : 2
~ [Pictures] Folders : 0 | Files : 0
~ [Videos] Folders : 0 | Files : 0
~ [Downloads] Folders : 0 | Files : 0
~ [Desktop] Folders : 0 | Files : 0
~ [Links] Folders : 0 | Files : 0
~ [Searches] Folders : 0 | Files : 2 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 0 | Files : 2
~ [Contacts] Folders : 0 | Files : 0
~ [Saved_Games] Folders : 0 | Files : 0
~ [Favorites] Folders : 0 | Files : 0
~ [Documents] Folders : 3 | Files : 0 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 3 | Files : 0
~ [Windows] Folders : 31 | Files : 200 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 31 | Files : 195
~ [Start_Menu] Folders : 1 | Files : 0 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 1 | Files : 0
~ [Libraries] Folders : 0 | Files : 0
~ [quick launch] Folders : 1 | Files : 0 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 1 | Files : 0
~ [AppData] Folders : 7 | Files : 6 ¤¤¤¤¤ Unhide ¤¤¤¤¤ Folders : 7 | Files : 6

Fin : 15:20:55

¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤
0
Nugup Messages postés 44 Statut Membre
 
Désolé, mais sur pjjoint, le rapport était aussi trop long, j'ai pensé qu'il était préférable de le mettre içi.

J'ai donc posté deux messages, et la ligne :

Quarantined and deleted successfully : C:\windows\Prefetch\CB_CONSOLE_RUNNER.EXE-D82B1D66.pf

Apparaît deux fois a la place d'une seule sur le rapport pour te montrer à quel moment commence la deuxième partie.

Encore désolé mais je ne suis pas habitué, j'espère que je n'ai pas fait de connerie.
J'espère que tu arrivera à en faire quelque chose.
0
Réponse 14 / 47
Utilisateur anonyme
 
heberge-le ici stp :

https://www.cjoint.com/
0
Réponse 15 / 47
Nugup Messages postés 44 Statut Membre
 
Voila le lien :)

http://cjoint.com/data/0ICkJhWlRy6.htm
0
Nugup Messages postés 44 Statut Membre
 
J'ai vu que le scan avait placé beaucoup de choses en quarantaine, y compris l'antivirus et le WoW.exe soit le lanceur world of warcraft, rien n'est pour l'instant réaparu mais McAfee ne semble pas être perturbé.

J'ai regardé dans les dossiers liés à Pre_Scan, il n'a rien classé en "infecté" (pas sur du nom de dossier) mais je pense que tu saura mieux que moi en regardant le rapport.

J'espère que le rapport pourra t'avancer :D
0
Utilisateur anonyme
 
re

je regarde ca :)

à titre info , le dossier "infected" sert à recuperer des infos sur les fichiers
c'est un dossier de transit si tu préfères
0
Réponse 16 / 47
Nugup Messages postés 44 Statut Membre
 
Voici le lien du Diag :

https://www.cjoint.com/?0IEiqmjLaa7
0
Réponse 17 / 47
Utilisateur anonyme
 
je le mets à jour 5/15 fois par jour, donc fais ce que je demande....
0
Nugup Messages postés 44 Statut Membre
 
Je vais devoir faire ca demain du coup :X

Désolé si c'était important et si mon sujet traîne en longueur, je le fais dès que je peux.
0
Utilisateur anonyme
 
non ne sois pas désolé(e) c'est pour toi......
0
Réponse 18 / 47
Nugup Messages postés 44 Statut Membre
 
Le lien du Diag après retéléchargement de Pre_Scan pour avoir les mises à jour :)

http://cjoint.com/data/0JbhxFFqZQ8.htm
0
Réponse 19 / 47
Utilisateur anonyme
 
Attention !!! pense à re-désactiver tes protections

Clique sur ce lien : https://www.cjoint.com/?BJbjeuytwC4

Selectionne tout le texte qui s'y trouve CTRL+A puis CTRL+C ou clic droit/copier

Relance Pre_scan puis choisis l'option "Script"

une page va s'ouvrir

logiquement le texte que tu as sélectionné s'y trouve déjà , donc tu fermes et le programme va travailler.

sinon colle-le (clic droit/coller ou ctrl+V) dans la page vierge.

puis onglet fichier => enregistrer (pas enregistrer sous...) , puis ferme le texte

des fenetres noires risquent de clignoter , c'est normal , c'est le programme qui travaille

poste Pre_Script.txt qui apparaitra sur le bureau en fin de travail
0
Nugup Messages postés 44 Statut Membre
 
Est-ce vraiment grave si Mc-Afee n'est pas desactivé car j'ai un foutu controle parental et donc je ne peut pas le desactiver me semble-t-il ...
0
Réponse 20 / 47
Utilisateur anonyme
 
fais avec on avisera
0

Discussions similaires

synchronisation des dossiers avec abonnement
nianianiel -
lapourvous -

1 réponse