My computer is slow and my configuration has changed?

Solved/Closed
jacknico Posts 26 Registration date Wednesday 2 May 2012 Status Member Last seen 28 September 2012 - Edited by Jeff on 25/02/2013 at 14:49
 Anonymous user - 28 Sept. 2012 at 17:33
Hello,

since today my computer has been extremely slow and the XP look has disappeared, replaced by what seems to me to be the look of the old Windows 98!
Anyway, I ran CCleaner and did a scan with avast, and I still have big problems.

here is the scan made with ZHPDiag: https://pjjoint.malekal.com/files.php?id=ZHPDiag_20120925_z14j10u10n7p12

and the one from MBAM: https://pjjoint.malekal.com/files.php?id=20120925_v7c13m5d12q14


Thanks in advance for your help!

23 replies

Anonymous user
25 Sept. 2012 at 14:20
hi

Warning!!!: this tool may be wrongly detected as a virus
Warning!!!: this tool is powerful; follow the instructions below scrupulously

all "non-vital Windows" processes will be stopped, so save your work.

Disable all your protections if possible: antivirus, sandbox, firewalls, etc.

download and save Pre_Scan to your desktop:

https://forums-fec.be/gen-hackman/Pre_Scan.exe

if the link does not work:

https://toolslib.net
http://www.archive-host.com

Warning: the desktop will disappear during the scan --> don't panic.

once it is downloaded, run it and let the scan run until "Pre_scan_the_date_and_time.txt" appears on the desktop.

if the tool is relaunched several times, it will offer you a menu; if no option has been requested, run the "Kill" option

if the tool is blocked by the infection, use this version with the .pif extension:

https://forums-fec.be/gen-hackman/Pre_Scan.pif

if the tool detects a proxy and you have not installed one, click on "supprimer le proxy" ("remove the proxy")

A multitude of black windows may flash; let it work

Post the Pre_Scan_the_date_and_time.txt file that will appear on the desktop at the end of the scan

The tool may restart your PC; let it do so

DO NOT POST IT ON THE FORUM!!! (it is too long)

Host the report on http://pjjoint.malekal.com then post the link you get in return on the forum where you are being helped


0
^Abel^ Posts 15399 Registration date Thursday 14 July 2011 Status Contributor Last seen 14 February 2023 6 860
25 Sept. 2012 at 14:40
Hello g3n-h@ckm@n,
Forgive me, I had not seen that this thread was already being handled...^^
Regards.
0
Anonymous user
25 Sept. 2012 at 14:45
;)
0
jacknico Posts 26 Registration date Wednesday 2 May 2012 Status Member Last seen 28 September 2012
25 Sept. 2012 at 15:58
none of the Pre_Scan versions work; this error message appears: "Line 612 (file "C:\documents and settings\jacques\mes documents\téléchargements\pre_scan.pif") : error : variable must be of type object"

what else can I do?
0
Anonymous user
25 Sept. 2012 at 16:00
??????????????????? 612 ??????????????
0
jacknico Posts 26 Registration date Wednesday 2 May 2012 Status Member Last seen 28 September 2012
25 Sept. 2012 at 16:20
line 6112
0
Anonymous user
25 Sept. 2012 at 16:59
by reactivating several systems,

didn't understand that....

run it again, click on Diag, then host the report
0
jacknico Posts 26 Registration date Wednesday 2 May 2012 Status Member Last seen 28 September 2012
25 Sept. 2012 at 17:46
unable to open the hosting site: I'm posting the report here:

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | 2.0925 | g3n-h@ckm@n & Saachaa | ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤

~ Update on 25/09/2012 | 08.45 by g3n-h@ckm@n
~ Informations | Evolution : https://gen-hackman.kanak.fr/
~ Informations for the switches Pre_Script : https://gen-hackman.kanak.fr/
~ Feedback Pre_scan : https://gen-hackman.kanak.fr/#505
~ Thx to C_XX , Slyk for their help for the evolution of the tool

~ User : Jacques (Administrateurs) | SID = S-1-5-21-2025429265-583907252-839522115-1004
~ Computer : HOME-52CE49D486

~ System : Microsoft Windows XP (32 bits) Service Pack 3
~ RegisteredOwner : NICOLAI
~ RegisteredOrganization : HOME
~ ProcessorNameString : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz
~ Identifier : x86 Family 6 Model 15 Stepping 6

~ Mémory RAM = Total (KB) : 2095530 | Used (%) : 23 | Free (KB) : 1593200
~ Pagefile = Total (KB) : 4033960 | Free (KB) : 3781140
~ Virtual = Total (KB) : 2097020 | Free (KB) : 1972090

¤¤¤¤¤¤¤¤¤¤ | Boot's scripts


¤¤¤¤¤¤¤¤¤¤ | Drives

c:\ -> [Fixed] | [] | Total : 305230 Mo | Free : 59650 Mo -> NTFS
e:\ -> [Fixed] | [] | Total : 144150 Mo | Free : 3850 Mo -> NTFS
f:\ -> [Removable] | [] | Total : 3840 Mo | Free : 2590 Mo -> FAT32

Scan : 14:44:43 | 25/09/2012

¤¤¤¤¤¤¤¤¤¤ | Windows Updates

Last(s) détection(s) : 2012-09-24 04:42:41
Last(s) download(s) : 2012-09-22 06:43:41
Last(s) installation(s) : 2012-09-22 13:29:11
Next search : 2012-09-24 23:34:31


~ C:\WINDOWS\system32\config\systemprofile
~ C:\Documents and Settings\LocalService
~ C:\Documents and Settings\NetworkService
~ C:\Documents and Settings\Jacques
~ C:\Documents and Settings\Administrateur
~ C:\Documents and Settings\Invité

New restorepoint created


¤¤¤¤¤¤¤¤¤¤ | MD5 Control


16:23:38

¤¤¤¤¤¤¤¤¤¤ | Processes stopped

ati2evxx.exe (1040) -> Process stopped !
ati2evxx.exe (1284) -> Process stopped !
explorer.exe (1692) -> Process stopped !
jusched.exe (664) -> Process stopped !
RTHDCPL.EXE (1104) -> Process stopped !
MOM.exe (1184) -> Process stopped !
IDMan.exe (1420) -> Process stopped !
ctfmon.exe (1460) -> Process stopped !
IEMonitor.exe (440) -> Process stopped !
CCC.exe (448) -> Process stopped !
jqs.exe (1648) -> Process stopped !
LVPrcSrv.exe (1876) -> Process stopped !
mbamscheduler.exe (1448) -> Process stopped !
NMSAccessU.exe (2320) -> Process stopped !
alg.exe (3076) -> Process stopped !

¤¤¤¤¤¤¤¤¤¤ | Running processes

Boot : Normal

[MD5.48E430297DA757F5CC2793CCFACAD5E7] - [02/03/2006 14:00:00] - 684 | C:\WINDOWS\System32\smss.exe (.Microsoft Corporation - Gestionnaire de session Windows NT.) - (5.1.2600.5512) -> \SystemRoot\System32\smss.exe [50688 Ko]
[MD5.3854F2A22DDED71A3504A9D0899F1C99] - [02/03/2006 14:00:00] - 788 | C:\WINDOWS\system32\winlogon.exe (.Microsoft Corporation - Application d'ouverture de session Windows NT.) - (5.1.2600.5512) -> winlogon.exe [512000 Ko]
[MD5.C3FB1D70CB88722267949694BA51759E] - [02/03/2006 14:00:00] - 832 | C:\WINDOWS\system32\services.exe (.Microsoft Corporation - Applications Services et Contrôleur.) - (5.1.2600.5755) -> C:\WINDOWS\system32\services.exe [111104 Ko]
[MD5.91E6024D6D4DCDECDB36C43ECF9BBECB] - [02/03/2006 14:00:00] - 844 | C:\WINDOWS\system32\lsass.exe (.Microsoft Corporation - LSA Shell (Export Version).) - (5.1.2600.5512) -> C:\WINDOWS\system32\lsass.exe [13312 Ko]
[MD5.E4BDF223CD75478BF44567B4D5C2634D] - [02/03/2006 14:00:00] - 1060 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) -> C:\WINDOWS\system32\svchost -k DcomLaunch [14336 Ko]
[MD5.E4BDF223CD75478BF44567B4D5C2634D] - [02/03/2006 14:00:00] - 1264 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) -> C:\WINDOWS\system32\svchost.exe -k netsvcs [14336 Ko]
[MD5.04AC21E821F259845BD7367CEE057290] - [31/05/2011 10:44:07] - 1520 | C:\Program Files\AVAST Software\Avast\AvastSvc.exe (.AVAST Software - avast! Service.) - (7.0.1466.549) -> "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [44808 Ko]
[MD5.4F8FD8DEBD4784C36168A27EEA5F7CD3] - [31/05/2011 10:44:07] - 484 | C:\Program Files\AVAST Software\Avast\avastUI.exe (.AVAST Software - avast! Antivirus.) - (7.0.1466.549) -> "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4282728 Ko]
[MD5.5F72F7B89D2FFFF87786231DB9F92BCF] - [25/09/2012 13:20:53] - 2260 | C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (1.65.0.0) -> "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [676936 Ko]
[MD5.E4BDF223CD75478BF44567B4D5C2634D] - [02/03/2006 14:00:00] - 2424 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) -> C:\WINDOWS\system32\svchost.exe -k imgsvc [14336 Ko]
[MD5.6E1D625FB27B9090E9B0A75EE5D6EFE1] - [25/09/2012 15:46:09] - 3776 | C:\Documents and Settings\Jacques\Mes documents\Téléchargements\Pre_Scan.pif (. - g3n-h@ckm@n.) - (2.0.9.25) -> "C:\Documents and Settings\Jacques\Mes documents\Téléchargements\Pre_Scan.pif" [1757869 Ko]

¤¤¤¤¤¤¤¤¤¤ | Winlogon


¤

[HKLM | Winlogon]|[Shell] : Explorer.exe
[HKLM | Winlogon]|[AutoRestartShell] : 0
[HKLM | Winlogon]|[userinit] : C:\WINDOWS\system32\userinit.exe,
[HKLM | Winlogon]|[PowerDownAfterShutdown] : 0 -> 1
[HKLM | Winlogon]|[System] :

¤¤¤¤¤¤¤¤¤¤ | Associations

[.exe] : exefile
[exefile | command] : "%1" %*
[.com] : comfile
[comfile | command] : "%1" %*
[.reg] : regfile
[regfile | command] : regedit.exe "%1"
[.scr] : scrfile
[scrfile | command] : "%1" /S
[.bat] : batfile
[batfile | command] : "%1" %*
[.cmd] : cmdfile
[cmdfile | command] : "%1" %*
[.pif] : piffile
[piffile | command] : "%1" %*
[.url] : InternetShortcut
[InternetShortcut | command] : "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l
[Application.Manifest | command] : rundll32.exe dfshim.dll,ShOpenVerbApplication %1
[Application.Reference | command] : rundll32.exe dfshim.dll,ShOpenVerbShortcut %1|%2
[Folder | command] : C:\WINDOWS\explorer.exe

¤

[Firefox | Command] | @ : "C:\Program Files\Mozilla Firefox\Firefox.exe"
[Firefox - Safemode | Command] | @ : "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode
[IE | Command] | @ : "C:\Program Files\Internet Explorer\iexplore.exe"
[Applications | IE | Command] | @ : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1
[Chrome | Command] | @ : "C:\Program Files\Google\Chrome\Application\chrome.exe"
[Assoc | Applications] | @ : http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s

¤¤¤¤¤¤¤¤¤¤ | Corrections diverses

[HKLM | Advanced\Folder\Hidden\SHOWALL]|[CheckedValue] : 1
[HKLM | CurrentVersion\Explorer]|[AlwaysUnloadDll] : 1
[HKU\S-1-5-19 | Desktop]|[Wallpaper] : (Aucun)
[HKU\S-1-5-20 | Desktop]|[Wallpaper] : (Aucun)
[HKU\S-1-5-21-2025429265-583907252-839522115-1004 | Desktop]|[Wallpaper] : C:\Documents and Settings\Jacques\Application Data\Microsoft\Wallpaper1.bmp
[HKU\S-1-5-18 | Desktop]|[Wallpaper] : (Aucun)
[HKU\S-1-5-19 | Explorer\Advanced]|[Hidden] : 0
[HKU\S-1-5-19_Classes | Explorer\Advanced]|[Hidden] : 0
[HKU\S-1-5-20 | Explorer\Advanced]|[Hidden] : 0
[HKU\S-1-5-20_Classes | Explorer\Advanced]|[Hidden] : 0
[HKU\S-1-5-21-2025429265-583907252-839522115-1004 | Explorer\Advanced]|[Hidden] : 0
[HKU\S-1-5-21-2025429265-583907252-839522115-1004_Classes | Explorer\Advanced]|[Hidden] : 0
[HKU\S-1-5-18 | Explorer\Advanced]|[Hidden] : 0
[HKU\S-1-5-19 | Policies\Explorer]|[NoDriveTypeAutoRun] : 145
[HKU\S-1-5-20 | Policies\Explorer]|[NoDriveTypeAutoRun] : 145
[HKU\S-1-5-21-2025429265-583907252-839522115-1004 | Policies\Explorer]|[NoDriveTypeAutoRun] : 145
[HKU\S-1-5-18 | Policies\Explorer]|[NoDriveTypeAutoRun] : 145
[HKLM | policies\Explorer]|[HonorAutoRunSetting] : 1
[HKLM | Control\SafeBoot]|[AlternateShell] : cmd.exe
[HKLM | HideDesktopIcons\NewStartPanel]|[{20D04FE0-3AEA-1069-A2D8-08002B30309D}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{208D2C60-3AEA-1069-A2D7-08002B30309D}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{871C5380-42A0-1069-A2EA-08002B30309D}] : 0

16:23:52

¤¤¤¤¤¤¤¤¤¤ | SafeBoot | Control | Repair

[HKLM | Safeboot] -> OK
[HKLM | Safeboot\Minimal] -> OK
[HKLM | Safeboot\Network] -> OK


¤¤¤¤¤¤¤¤¤¤ | IFEO


¤¤¤¤¤¤¤¤¤¤ | Mountpoints2

Deleted : HKU\S-1-5-21-2025429265-583907252-839522115-1004 | {9379975c-d721-11e1-a645-0019db299076} | AutoRun\command] : M:\Startme.exe
Deleted : HKU\S-1-5-21-2025429265-583907252-839522115-1004 | {a56e459c-c859-11e1-a0e4-0019db299076} | AutoRun\command] : M:\TX_Music_USB_DN.exe


¤¤¤¤¤¤¤¤¤¤ | Windows

[HKLM | Session Manager\SubSystems]|[Windows] : winsrv : %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[AppInit_DLLS] :
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 1

[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[Programs] : com exe bat pif cmd

¤¤¤¤¤¤¤¤¤¤ | Security Center

[HKLM | Security Center]|[FirstRunDisabled] : 1
[HKLM | Security Center]|[AntiVirusDisableNotify] : 0
[HKLM | Security Center]|[AntiVirusOverride] : 0
[HKLM | Security Center]|[FirewallDisableNotify] : 0
[HKLM | Security Center]|[FirewallOverride] : 0
[HKLM | Security Center]|[UpdatesDisableNotify] : 0

[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKLM | FirewallPolicy\StandardProfile]|[DisableNotifications] : 0

¤¤¤¤¤¤¤¤¤¤ | Services Corrections

[RPCSS] : 2 : Actif
[srService] : 2 : Inactif
[PlugPlay] : 2 : Actif
[Parvdm] : 2 : Inactif
[lmhosts] : 2 : Actif
[LanmanWorkstation] : 2 : Actif
[LanmanServer] : 2 : Actif
[Audiosrv] : 2 : Actif
[ERSvc] : 2 : Actif
[Bits] : 3 -> 2 : Inactif
[CryptSvc] : 3 -> 2 : Actif
[EapHost] : 3 -> 2 : Inactif
[SharedAccess] : 2 : Actif
[winmgmt] : 2 : Actif
[wuauserv] : 2 : Inactif
[wudfsvc] : 2 : Inactif
[wscsvc] : 2 : Inactif
[wzcsvc] : 2 : Inactif
[Ndisuio] : 3 : Inactif

16:23:56

¤¤¤¤¤¤¤¤¤¤ | Internet Explorer

[HKU\S-1-5-21-2025429265-583907252-839522115-1004 | Main]|[Start Page] : https://www.google.com/?gws_rd=ssl -> https://www.google.com/?gws_rd=ssl
[HKU\S-1-5-21-2025429265-583907252-839522115-1004 | Main]|[Local Page] : C:\WINDOWS\system32\blank.htm

[HKLM | Search]|[SearchAssistant] : -> http://www.google.com/toolbar/ie8/sidebar.html
[HKLM | Main]|[Start Page] : https://www.msn.com/fr-fr -> https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main]|[Local Page] : C:\WINDOWS\system32\blank.htm
[HKLM | Main]|[Default_Search_URL] : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
[HKLM | Main]|[Default_Page_URL] : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF -> https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main]|[Search Page] : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
[HKLM | AboutURLs]|[Tabs] : https://www.google.com/?gws_rd=ssl -> res://ieframe.dll/tabswelcome.htm

¤

[HKU\S-1-5-21-2025429265-583907252-839522115-1004 | PhishingFilter]|[EnabledV8] : 1
[HKU\S-1-5-21-2025429265-583907252-839522115-1004 | Internet settings]|[ProxyOverride] : <local> -> *.local
[HKU\S-1-5-21-2025429265-583907252-839522115-1004 | Internet settings]|[EnableHttp1_1] : 1
[HKU\S-1-5-19 | Internet settings]|[MigrateProxy] : 0 -> 1
[HKU\S-1-5-20 | Internet settings]|[MigrateProxy] : 0 -> 1
[HKU\S-1-5-21-2025429265-583907252-839522115-1004 | Internet settings]|[MigrateProxy] : 1
[HKU\S-1-5-18 | Internet settings]|[MigrateProxy] : 0 -> 1
[HKU\S-1-5-21-2025429265-583907252-839522115-1004 | Internet settings]|[AutoConfigProxy] : wininet.dll


¤¤¤¤¤¤¤¤¤¤ | Firefox


Profile : 2f69gkgq.default

user_pref("browser.download.lastDir", "C:\\Documents and Settings\\Jacques\\Bureau");
user_pref("browser.startup.homepage", "https://www.google.fr/?gws_rd=ssl");
user_pref("browser.startup.homepage_override.buildID", "20120905151427");
user_pref("browser.startup.homepage_override.mstone", "15.0.1");
line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^http(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");

¤¤¤¤¤¤¤¤¤¤ | Extensions | Plugins

C:\Documents and Settings\Jacques\Application Data\Mozilla\Firefox\Profiles\2f69gkgq.default\extensions\23baa9e5b844e7c436f5970881824514ece44c7b@builder.extensionfactory.com
C:\Documents and Settings\Jacques\Application Data\Mozilla\Firefox\Profiles\2f69gkgq.default\extensions\DivXWebPlayer@divx.com.xpi
C:\Documents and Settings\Jacques\Application Data\Mozilla\Firefox\Profiles\2f69gkgq.default\extensions\elemhidehelper@adblockplus.org.xpi
C:\Documents and Settings\Jacques\Application Data\Mozilla\Firefox\Profiles\2f69gkgq.default\extensions\fastdebrid@gmail.com.xpi
C:\Documents and Settings\Jacques\Application Data\Mozilla\Firefox\Profiles\2f69gkgq.default\extensions\mozilla_cc@internetdownloadmanager.com
C:\Documents and Settings\Jacques\Application Data\Mozilla\Firefox\Profiles\2f69gkgq.default\extensions\real@debrid
C:\Documents and Settings\Jacques\Application Data\Mozilla\Firefox\Profiles\2f69gkgq.default\extensions\translator@zoli.bod.xpi
C:\Documents and Settings\Jacques\Application Data\Mozilla\Firefox\Profiles\2f69gkgq.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
C:\Documents and Settings\Jacques\Application Data\Mozilla\Firefox\Profiles\2f69gkgq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
C:\Program Files\Mozilla Firefox\searchplugins\google.xml
C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml


¤¤¤¤¤¤¤¤¤¤ | DNS

[HKLM\SYSTEM\CCS | Tcpip\Parameters]|[DhcpNameServer] : 192.168.1.1
[HKLM\SYSTEM\ControlSet001 | Interfaces\{C714CA58-43A3-4738-A940-BA2E884BF422}]|[DhcpNameServer] : 192.168.1.1
[HKLM\SYSTEM\ControlSet003 | Interfaces\{C714CA58-43A3-4738-A940-BA2E884BF422}]|[DhcpNameServer] : 192.168.1.1
[HKLM\SYSTEM\CurrentControlSet | Interfaces\{C714CA58-43A3-4738-A940-BA2E884BF422}]|[DhcpNameServer] : 192.168.1.1

¤¤¤¤¤¤¤¤¤¤ | Hosts

C:\WINDOWS\System32\Drivers\etc\hosts : Cleaned :)

¤¤¤¤¤¤¤¤¤¤ | Files | Folders | Registry

Quarantined and deleted Successfully : |ASH| - C:\Recycler\S-1-5-21-2025429265-583907252-839522115-1004\desktop.ini
Quarantined and deleted Successfully : |AH| - C:\Recycler\S-1-5-21-2025429265-583907252-839522115-1004\INFO2
Quarantined and deleted Successfully : |ASH| - C:\Recycler\S-1-5-21-2025429265-583907252-839522115-500\desktop.ini
Quarantined and deleted Successfully : |AH| - C:\Recycler\S-1-5-21-2025429265-583907252-839522115-500\INFO2
Deleted : [HKLM\Software\Mircrosoft]

Quarantined and deleted Successfully : C:\WINDOWS\002585_.tmp
Quarantined and deleted Successfully : C:\WINDOWS\DUMP465f.tmp
Quarantined and deleted Successfully : C:\WINDOWS\DUMP5062.tmp
Quarantined and deleted Successfully : C:\WINDOWS\DUMP517b.tmp
Impossible to move : C:\WINDOWS\msdownld.tmp
Quarantined and deleted Successfully : C:\WINDOWS\SET25.tmp
Quarantined and deleted Successfully : C:\WINDOWS\SET3.tmp
Quarantined and deleted Successfully : C:\WINDOWS\SET4.tmp
Quarantined and deleted Successfully : C:\WINDOWS\SET8.tmp
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\9b93aee4-5d0f-43c6-98ae-ec0b1e7534ab\CliSecureRT.dll
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\AdobeARM.log
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Arabic.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Czech.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Danish.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Dutch.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\English.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Finnish.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\French.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\German.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Greek.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Hebrew.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Hungarian.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Italian.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Japanese.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\jusched.log
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\KiesInstall.Log
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Korean.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Norwegian.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Polish.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Portuguese(Brazil).bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Portuguese.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Russian.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\SimChin.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Spanish.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\SWEDISH.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Thai.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\TradChin.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Turkish.bin
Impossible to move : C:\DOCUME~1\Jacques\LOCALS~1\Temp\~DF17FB.tmp
Quarantined and deleted Successfully : C:\WINDOWS\Temp\logishrd\LVPrcInj01.dll
Impossible to move : C:\Documents and Settings\Jacques\Application Data\3d3.com
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\79g7gg.sys
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\Bubble Dock.boostrap.log
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\Bubble Dock.installation.log
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\DAEMON Tools Lite\ImgList.dat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\Grand Theft Auto IV.bat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\IDM\cnlurllist.dat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\IDM\defextmap.dat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\IDM\GlobalErrors.log
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\IDM\idmupdt.exe
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\IDM\sts_list.dat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\IDM\urlexclist.dat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\m4ng\ffmpeg_debug.bat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\m4ng\goaudio.bat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\m4ng\m4ng_protect.dat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\WinRAR\version.dat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\Microsoft\HTML Help\hh.dat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\Microsoft\MSXML2\msxml4.dll
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\Microsoft\MSXML2\msxml4a.dll
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\Microsoft\MSXML2\msxml4r.dll
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\Microsoft\Office\fbc1ED.tmp
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\Microsoft\OIS\Toolbars.dat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\Microsoft\UProof\CMAdj.12.bin
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\Microsoft\Word\ListGal.dat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Local Settings\Application Data\SecondLife\avatar_name_cache.xml
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Local Settings\Application Data\SecondLife\data.db2.x.31827
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Local Settings\Application Data\SecondLife\index.db2.x.31827
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Local Settings\Application Data\Yummy Interactive Inc\Yummy.Core.Logging.Log
Impossible to move : C:\Documents and Settings\Jacques\Local Settings\Application Data\Yummy_Interactive_Inc\yummy.launcher.exe_Url_r5admtc1zfcvqvcyfxfadaz12vmie31z
Quarantined and deleted Successfully : C:\Documents and Settings\All Users\Application Data\Copernic\CopernicSystemPro.dll
Quarantined and deleted Successfully : C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite\license.dat
Quarantined and deleted Successfully : C:\Documents and Settings\All Users\Application Data\FLEXnet\SRSLABS_00988c00_tsf.data
Quarantined and deleted Successfully : C:\Documents and Settings\All Users\Application Data\FLEXnet\SRSLABS_00988c00_tsf.data_backup.001
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\CCCInstall_201105311510158750.log
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\debug.log

16:29:36

Impossible to move : C:\Documents and Settings\Jacques\Menu Démarrer\Programmes\Internet Download Manager
Impossible to move : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Internet Download Manager
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Menu Démarrer\Video Converter Uninstall Video Converter.lnk
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Bureau\2_g10.jpg
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Bureau\amnesia_tdd_demo_1.0.zip
Quarantined and deleted Successfully : C:\WINDOWS\XSxS
Quarantined and deleted Successfully : |D| - C:\Documents and Settings\Jacques\Application Data\Sun\Java\Deployment\cache\6.0
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Modèles\SamsungKiesSetup.exe
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\0000E33B.EXE-0241C562.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\ACRORD32.EXE-19C3D96E.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\ADWCLEANER_4.EXE-1E95ABD6.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\AU_.EXE-310F5602.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\AVASTEMUPDATE.EXE-033BD90D.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\AVASTSVC.EXE-2FF42CC2.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\AVASTUI.EXE-0B3C80E5.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\BABYLONTOOLBARSRV.EXE-08CD5ADB.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\CCC.EXE-2F1AF7F1.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\CCLEANER.EXE-0BCE437C.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\CHROME.EXE-06157C0F.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\CHROME.EXE-06157C12.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\CLISTART.EXE-315E0C43.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\COCIMANAGER.EXE-046DBC57.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\CONNECTIONMANAGER.EXE-02857AA2.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\CONNECTIONMANAGER.EXE-3A872C5F.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\CONTROL.EXE-013DBFB5.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\DEVICEDATASERVICE.EXE-2C6EB740.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\DEVICEMANAGER.EXE-201B4FE9.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\DEVICEMANAGER.EXE-30082278.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\DGDERSVC.EXE-154C9497.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\DRWTSN32.EXE-2B4B52AC.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\FACEBOOKUPDATE.EXE-2B2AE61C.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\FLASHPLAYERINSTALLER.EXE-202A7CDB.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-34BC5027.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\FSUSBEXADMIN.EXE-33161A3A.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\FSUSBEXSERVICE.EXE-270893C6.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\GOOGLECRASHHANDLER.EXE-1A47A643.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\GOOGLECRASHHANDLER.EXE-2AE91E26.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-04BDC9B8.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-1E123D86.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\GOOGLEUPDATESETUP.EXE-02B7C4DB.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\GROOVE.EXE-1C3B05AB.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\HELPCTR.EXE-3862B6F5.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\IEMONITOR.EXE-2D8B91C4.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\IS64TEST.EXE-08DCB656.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\ISEXISTPROCESS.EXE-144889FD.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\JAVA.EXE-0C263507.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\JAVAW.EXE-2DC32ABC.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\J
0
jacknico Posts 26 Registration date Wednesday 2 May 2012 Status Member Last activity 28 September 2012
25 Sept. 2012 at 17:03
ok, I'll do that!
0
jacknico Posts 26 Registration date Wednesday 2 May 2012 Status Member Last activity 28 September 2012
25 Sept. 2012 at 17:38
cjoint isn't working and neither is pjjoint??? How do I send you the report?
0

Anonymous user
25 Sept. 2012 at 20:56
Yes, they work..... it's too long, it doesn't fit....

Zip it if need be and try sending the archive
0
jacknico Posts 26 Registration date Wednesday 2 May 2012 Status Member Last activity 28 September 2012
25 Sept. 2012 at 21:31
0
jacknico Posts 26 Registration date Wednesday 2 May 2012 Status Member Last activity 28 September 2012
25 Sept. 2012 at 21:16
0
Anonymous user
25 Sept. 2012 at 22:02
? What is it that you sent???????
0
jacknico Posts 26 Registration date Wednesday 2 May 2012 Status Member Last activity 28 September 2012
25 Sept. 2012 at 22:08
the first scan I did with pre_scan, compressed with win.rar
0
jacknico Posts 26 Registration date Wednesday 2 May 2012 Status Member Last activity 28 September 2012
25 Sept. 2012 at 22:09
I did a second one, do you want it too?
0
Anonymous user
25 Sept. 2012 at 22:12
host them here instead, I can't open them

https://www.cjoint.com/
0
jacknico Posts 26 Registration date Wednesday 2 May 2012 Status Member Last activity 28 September 2012
25 Sept. 2012 at 22:15
the first scan:

http://cjoint.com/12sp/BIzwnISwq9e.htm

the second one:

https://www.cjoint.com/?BIzwoQUIFmY
0
Anonymous user
25 Sept. 2012 at 22:20
relaunch the tool, click on diag, then host the report on cjoint.com
0
jacknico Posts 26 Registration date Wednesday 2 May 2012 Status Member Last activity 28 September 2012
25 Sept. 2012 at 22:49
0
jacknico Posts 26 Registration date Wednesday 2 May 2012 Status Member Last activity 28 September 2012
25 Sept. 2012 at 22:36
0
Anonymous user
25 Sept. 2012 at 23:23
Warning!!! Remember to disable your protections again

Click on this link: https://www.cjoint.com/?BIzxwtPBfkT

Select all the text there with CTRL+A, then CTRL+C or right-click/copy

Relaunch Pre_scan, then choose the "Script" option

a page will open

normally the text you selected is already there, so you close it and the program will do its work.

otherwise paste it (right-click/paste or CTRL+V) into the blank page.

then File tab => Save (not Save as...), then close the text

black windows may flash, that's normal, it's the program working

post Pre_Script.txt, which will appear on the desktop when the work is finished
0
jacknico Posts 26 Registration date Wednesday 2 May 2012 Status Member Last activity 28 September 2012
26 Sept. 2012 at 09:08
Hello, I've just run the script option, here is the report:

https://www.cjoint.com/?BIAjhKXGwBw
0
jacknico Posts 26 Registration date Wednesday 2 May 2012 Status Member Last activity 28 September 2012
Edited by jacknico on 26/09/2012 at 11:24
after this cleanup, what should I do now to get a good system configuration back? Because I still have the same problems caused by the virus.
0
Anonymous user
26 Sept. 2012 at 18:35
look in the taskbar properties to see whether the theme has been changed
0
jacknico Posts 26 Registration date Wednesday 2 May 2012 Status Member Last activity 28 September 2012
26 Sept. 2012 at 20:28
no, apparently not, the only option I have left is the classic Windows display????

I've had another big problem since I had this problem: when I launch the online game World of Tanks, the computer immediately lags badly and I see that I have a ping between 400 and 700 during the game! Whereas normally I have a ping of 35, no more.

and when I close the game because it's unplayable, my mouse lags and stutters! Anyway, it's weird?

if you have a solution for this problem, I'm all ears

thanks in advance
0
jacknico Posts 26 Registration date Wednesday 2 May 2012 Status Member Last activity 28 September 2012
27 Sept. 2012 at 15:27
I've just finished with Dr Web, another 4 files were quarantined!

I'm going to test my PC, I'll keep you posted
0
Anonymous user
27 Sept. 2012 at 15:40
if we can read the report, that would be good.....
0
jacknico Posts 26 Registration date Wednesday 2 May 2012 Status Member Last activity 28 September 2012
27 Sept. 2012 at 20:04
I can't find it.... I'll keep looking! lol

sorry for my incompetence at this level, and above all a big thank you for the help you're giving me!
0
jacknico Posts 26 Registration date Wednesday 2 May 2012 Status Member Last activity 28 September 2012
27 Sept. 2012 at 20:09
I found it, it's an Excel file, and I was looking for a text file.

https://www.cjoint.com/?BIBuhUjcDPV
0
jacknico Posts 26 Registration date Wednesday 2 May 2012 Status Member Last activity 28 September 2012
27 Sept. 2012 at 20:15
I downloaded the XP theme and wanted to put it in C:\WINDOWS\Resources\Themes, and surprise, it was still there, but there's no way to get it applied; I get an error message telling me that it is not running, and when I go to open it that screws up too, I don't understand anything anymore
0