My computer is very slow and my configuration has changed?

Solved
jacknico | Posts: 26 | Status: Member

Hello,

Since today my computer has been extremely slow and the XP appearance has disappeared, replaced by what looks to me like the appearance of the old Windows 98!
Anyway, I ran CCleaner and did a scan with avast, and I still have big problems.

Here is the scan done with ZHPDiag: https://pjjoint.malekal.com/files.php?id=ZHPDiag_20120925_z14j10u10n7p12

and the one from MBAM: https://pjjoint.malekal.com/files.php?id=20120925_v7c13m5d12q14


Thanks in advance for your help!


23 replies

Anonymous user

Hi,

Warning!!! This tool may be wrongly detected as a virus.
Warning!!! This tool is powerful; follow the instructions below scrupulously.

All "non-vital" Windows processes will be stopped, so save your work.

Disable all your protections if possible: antivirus, sandbox, firewalls, etc.

Download Pre_Scan and save it to your desktop:

https://forums-fec.be/gen-hackman/Pre_Scan.exe

If the link does not work:

https://toolslib.net
http://www.archive-host.com

Notice: the desktop will disappear during the scan --> don't panic.

Once it is downloaded, run it and let the scan run until "Pre_scan_date_and_time.txt" appears on the desktop.

If the tool is run several times, it will offer you a menu; if you have not been asked for a particular option, choose the "Kill" option.

If the tool is blocked by the infection, use this version with the .pif extension:

https://forums-fec.be/gen-hackman/Pre_Scan.pif

If the tool detects a proxy and you have not installed one, click "supprimer le proxy" (remove the proxy).

A multitude of black windows may flash; let it work.

Post the Pre_Scan_date_and_time.txt that will appear on the desktop at the end of the scan.

The tool may restart your PC; let it do so.

DO NOT POST IT ON THE FORUM!!! (it is too long)

Host the report on http://pjjoint.malekal.com, then give the link you get in return on the forum where you are being helped.

^Abel^ | Posts: 15399 | Status: Contributor

Hello g3n-h@ckm@n,
Sorry, I had not seen that this thread was already being handled...^^
Regards.
Anonymous user

;)
jacknico | Posts: 26 | Status: Member

None of the versions of pre_scan work; I get this error message: "Line 612 (file "C:\documents and settings\jacques\mes documents\téléchargements\pre_scan.pif") : error : variable must be of type object"

What else can I do?
Anonymous user

??????????????????? 612 ??????????????
jacknico | Posts: 26 | Status: Member

line 6112
Anonymous user

by reactivating several systems,

I didn't understand that....

Run it again, click Diag, then host the report.
jacknico | Posts: 26 | Status: Member

I can't open the hosting site, so I'm posting the report here:

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | 2.0925 | g3n-h@ckm@n & Saachaa | ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤

~ Update on 25/09/2012 | 08.45 by g3n-h@ckm@n
~ Informations | Evolution : https://gen-hackman.kanak.fr/
~ Informations for the switches Pre_Script : https://gen-hackman.kanak.fr/
~ Feedback Pre_scan : https://gen-hackman.kanak.fr/#505
~ Thx to C_XX , Slyk for their help for the evolution of the tool

~ User : Jacques (Administrateurs) | SID = S-1-5-21-2025429265-583907252-839522115-1004
~ Computer : HOME-52CE49D486

~ System : Microsoft Windows XP (32 bits) Service Pack 3
~ RegisteredOwner : NICOLAI
~ RegisteredOrganization : HOME
~ ProcessorNameString : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz
~ Identifier : x86 Family 6 Model 15 Stepping 6

~ Mémory RAM = Total (KB) : 2095530 | Used (%) : 23 | Free (KB) : 1593200
~ Pagefile = Total (KB) : 4033960 | Free (KB) : 3781140
~ Virtual = Total (KB) : 2097020 | Free (KB) : 1972090

¤¤¤¤¤¤¤¤¤¤ | Boot's scripts


¤¤¤¤¤¤¤¤¤¤ | Drives

c:\ -> [Fixed] | [] | Total : 305230 Mo | Free : 59650 Mo -> NTFS
e:\ -> [Fixed] | [] | Total : 144150 Mo | Free : 3850 Mo -> NTFS
f:\ -> [Removable] | [] | Total : 3840 Mo | Free : 2590 Mo -> FAT32

Scan : 14:44:43 | 25/09/2012

¤¤¤¤¤¤¤¤¤¤ | Windows Updates

Last(s) détection(s) : 2012-09-24 04:42:41
Last(s) download(s) : 2012-09-22 06:43:41
Last(s) installation(s) : 2012-09-22 13:29:11
Next search : 2012-09-24 23:34:31


~ C:\WINDOWS\system32\config\systemprofile
~ C:\Documents and Settings\LocalService
~ C:\Documents and Settings\NetworkService
~ C:\Documents and Settings\Jacques
~ C:\Documents and Settings\Administrateur
~ C:\Documents and Settings\Invité

New restorepoint created


¤¤¤¤¤¤¤¤¤¤ | MD5 Control


16:23:38

¤¤¤¤¤¤¤¤¤¤ | Processes stopped

ati2evxx.exe (1040) -> Process stopped !
ati2evxx.exe (1284) -> Process stopped !
explorer.exe (1692) -> Process stopped !
jusched.exe (664) -> Process stopped !
RTHDCPL.EXE (1104) -> Process stopped !
MOM.exe (1184) -> Process stopped !
IDMan.exe (1420) -> Process stopped !
ctfmon.exe (1460) -> Process stopped !
IEMonitor.exe (440) -> Process stopped !
CCC.exe (448) -> Process stopped !
jqs.exe (1648) -> Process stopped !
LVPrcSrv.exe (1876) -> Process stopped !
mbamscheduler.exe (1448) -> Process stopped !
NMSAccessU.exe (2320) -> Process stopped !
alg.exe (3076) -> Process stopped !

¤¤¤¤¤¤¤¤¤¤ | Running processes

Boot : Normal

[MD5.48E430297DA757F5CC2793CCFACAD5E7] - [02/03/2006 14:00:00] - 684 | C:\WINDOWS\System32\smss.exe (.Microsoft Corporation - Gestionnaire de session Windows NT.) - (5.1.2600.5512) -> \SystemRoot\System32\smss.exe [50688 Ko]
[MD5.3854F2A22DDED71A3504A9D0899F1C99] - [02/03/2006 14:00:00] - 788 | C:\WINDOWS\system32\winlogon.exe (.Microsoft Corporation - Application d'ouverture de session Windows NT.) - (5.1.2600.5512) -> winlogon.exe [512000 Ko]
[MD5.C3FB1D70CB88722267949694BA51759E] - [02/03/2006 14:00:00] - 832 | C:\WINDOWS\system32\services.exe (.Microsoft Corporation - Applications Services et Contrôleur.) - (5.1.2600.5755) -> C:\WINDOWS\system32\services.exe [111104 Ko]
[MD5.91E6024D6D4DCDECDB36C43ECF9BBECB] - [02/03/2006 14:00:00] - 844 | C:\WINDOWS\system32\lsass.exe (.Microsoft Corporation - LSA Shell (Export Version).) - (5.1.2600.5512) -> C:\WINDOWS\system32\lsass.exe [13312 Ko]
[MD5.E4BDF223CD75478BF44567B4D5C2634D] - [02/03/2006 14:00:00] - 1060 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) -> C:\WINDOWS\system32\svchost -k DcomLaunch [14336 Ko]
[MD5.E4BDF223CD75478BF44567B4D5C2634D] - [02/03/2006 14:00:00] - 1264 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) -> C:\WINDOWS\system32\svchost.exe -k netsvcs [14336 Ko]
[MD5.04AC21E821F259845BD7367CEE057290] - [31/05/2011 10:44:07] - 1520 | C:\Program Files\AVAST Software\Avast\AvastSvc.exe (.AVAST Software - avast! Service.) - (7.0.1466.549) -> "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [44808 Ko]
[MD5.4F8FD8DEBD4784C36168A27EEA5F7CD3] - [31/05/2011 10:44:07] - 484 | C:\Program Files\AVAST Software\Avast\avastUI.exe (.AVAST Software - avast! Antivirus.) - (7.0.1466.549) -> "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4282728 Ko]
[MD5.5F72F7B89D2FFFF87786231DB9F92BCF] - [25/09/2012 13:20:53] - 2260 | C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (1.65.0.0) -> "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [676936 Ko]
[MD5.E4BDF223CD75478BF44567B4D5C2634D] - [02/03/2006 14:00:00] - 2424 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) -> C:\WINDOWS\system32\svchost.exe -k imgsvc [14336 Ko]
[MD5.6E1D625FB27B9090E9B0A75EE5D6EFE1] - [25/09/2012 15:46:09] - 3776 | C:\Documents and Settings\Jacques\Mes documents\Téléchargements\Pre_Scan.pif (. - g3n-h@ckm@n.) - (2.0.9.25) -> "C:\Documents and Settings\Jacques\Mes documents\Téléchargements\Pre_Scan.pif" [1757869 Ko]

¤¤¤¤¤¤¤¤¤¤ | Winlogon


¤

[HKLM | Winlogon]|[Shell] : Explorer.exe
[HKLM | Winlogon]|[AutoRestartShell] : 0
[HKLM | Winlogon]|[userinit] : C:\WINDOWS\system32\userinit.exe,
[HKLM | Winlogon]|[PowerDownAfterShutdown] : 0 -> 1
[HKLM | Winlogon]|[System] :

¤¤¤¤¤¤¤¤¤¤ | Associations

[.exe] : exefile
[exefile | command] : "%1" %*
[.com] : comfile
[comfile | command] : "%1" %*
[.reg] : regfile
[regfile | command] : regedit.exe "%1"
[.scr] : scrfile
[scrfile | command] : "%1" /S
[.bat] : batfile
[batfile | command] : "%1" %*
[.cmd] : cmdfile
[cmdfile | command] : "%1" %*
[.pif] : piffile
[piffile | command] : "%1" %*
[.url] : InternetShortcut
[InternetShortcut | command] : "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l
[Application.Manifest | command] : rundll32.exe dfshim.dll,ShOpenVerbApplication %1
[Application.Reference | command] : rundll32.exe dfshim.dll,ShOpenVerbShortcut %1|%2
[Folder | command] : C:\WINDOWS\explorer.exe

¤

[Firefox | Command] | @ : "C:\Program Files\Mozilla Firefox\Firefox.exe"
[Firefox - Safemode | Command] | @ : "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode
[IE | Command] | @ : "C:\Program Files\Internet Explorer\iexplore.exe"
[Applications | IE | Command] | @ : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1
[Chrome | Command] | @ : "C:\Program Files\Google\Chrome\Application\chrome.exe"
[Assoc | Applications] | @ : http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s

¤¤¤¤¤¤¤¤¤¤ | Corrections diverses

[HKLM | Advanced\Folder\Hidden\SHOWALL]|[CheckedValue] : 1
[HKLM | CurrentVersion\Explorer]|[AlwaysUnloadDll] : 1
[HKU\S-1-5-19 | Desktop]|[Wallpaper] : (Aucun)
[HKU\S-1-5-20 | Desktop]|[Wallpaper] : (Aucun)
[HKU\S-1-5-21-2025429265-583907252-839522115-1004 | Desktop]|[Wallpaper] : C:\Documents and Settings\Jacques\Application Data\Microsoft\Wallpaper1.bmp
[HKU\S-1-5-18 | Desktop]|[Wallpaper] : (Aucun)
[HKU\S-1-5-19 | Explorer\Advanced]|[Hidden] : 0
[HKU\S-1-5-19_Classes | Explorer\Advanced]|[Hidden] : 0
[HKU\S-1-5-20 | Explorer\Advanced]|[Hidden] : 0
[HKU\S-1-5-20_Classes | Explorer\Advanced]|[Hidden] : 0
[HKU\S-1-5-21-2025429265-583907252-839522115-1004 | Explorer\Advanced]|[Hidden] : 0
[HKU\S-1-5-21-2025429265-583907252-839522115-1004_Classes | Explorer\Advanced]|[Hidden] : 0
[HKU\S-1-5-18 | Explorer\Advanced]|[Hidden] : 0
[HKU\S-1-5-19 | Policies\Explorer]|[NoDriveTypeAutoRun] : 145
[HKU\S-1-5-20 | Policies\Explorer]|[NoDriveTypeAutoRun] : 145
[HKU\S-1-5-21-2025429265-583907252-839522115-1004 | Policies\Explorer]|[NoDriveTypeAutoRun] : 145
[HKU\S-1-5-18 | Policies\Explorer]|[NoDriveTypeAutoRun] : 145
[HKLM | policies\Explorer]|[HonorAutoRunSetting] : 1
[HKLM | Control\SafeBoot]|[AlternateShell] : cmd.exe
[HKLM | HideDesktopIcons\NewStartPanel]|[{20D04FE0-3AEA-1069-A2D8-08002B30309D}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{208D2C60-3AEA-1069-A2D7-08002B30309D}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{871C5380-42A0-1069-A2EA-08002B30309D}] : 0

16:23:52

¤¤¤¤¤¤¤¤¤¤ | SafeBoot | Control | Repair

[HKLM | Safeboot] -> OK
[HKLM | Safeboot\Minimal] -> OK
[HKLM | Safeboot\Network] -> OK

¤

[HKLM | Minimal\Base] : Driver Group -> OK
[HKLM | Minimal\Boot Bus Extender] : Driver Group -> OK
[HKLM | Minimal\Boot file system] : Driver Group -> OK
[HKLM | Minimal\File system] : Driver Group -> OK
[HKLM | Minimal\Filter] : Driver Group -> OK
[HKLM | Minimal\PCI Configuration] : Driver Group -> OK
[HKLM | Minimal\PNP Filter] : Driver Group -> OK
[HKLM | Minimal\Primary disk] : Driver Group -> OK
[HKLM | Minimal\SCSI Class] : Driver Group -> OK
[HKLM | Minimal\System Bus Extender] : Driver Group -> OK
[HKLM | Minimal\AppMgmt] : Service -> OK
[HKLM | Minimal\CryptSvc] : Service -> OK
[HKLM | Minimal\DcomLaunch] : Service -> OK
[HKLM | Minimal\dmadmin] : Service -> OK
[HKLM | Minimal\dmserver] : Service -> OK
[HKLM | Minimal\EventLog] : Service -> OK
[HKLM | Minimal\HelpSvc] : Service -> OK
[HKLM | Minimal\Netlogon] : Service -> OK
[HKLM | Minimal\PlugPlay] : Service -> OK
[HKLM | Minimal\RpcSs] : Service -> OK
[HKLM | Minimal\SRService] : Service -> OK
[HKLM | Minimal\vds] : Service -> OK
[HKLM | Minimal\WinMgmt] : Service -> OK
[HKLM | Minimal\dmboot.sys] : Driver -> OK
[HKLM | Minimal\dmio.sys] : Driver -> OK
[HKLM | Minimal\dmload.sys] : Driver -> OK
[HKLM | Minimal\sermouse.sys] : Driver -> OK
[HKLM | Minimal\vga.sys] : Driver -> OK
[HKLM | Minimal\vgasave.sys] : Driver -> OK
[HKLM | Minimal\sr.sys] : FSFilter System Recovery -> OK
[HKLM | Minimal\{36FC9E60-C465-11CF-8056-444553540000}] : Universal Serial Bus controllers -> OK
[HKLM | Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] : CD-ROM Drive -> OK
[HKLM | Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] : DiskDrive -> OK
[HKLM | Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] : Standard floppy disk controller -> OK
[HKLM | Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : Hdc -> OK
[HKLM | Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : Keyboard -> OK
[HKLM | Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : Mouse -> OK
[HKLM | Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] : PCMCIA Adapters -> OK
[HKLM | Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : SCSIAdapter -> OK
[HKLM | Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : System -> OK
[HKLM | Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] : Floppy disk drive -> OK
[HKLM | Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : Volume shadow copy -> OK
[HKLM | Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : Volume -> OK
[HKLM | Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : Human Interface Devices -> OK

¤

[HKLM | Network\Base] : Driver Group -> OK
[HKLM | Network\Boot Bus Extender] : Driver Group -> OK
[HKLM | Network\Boot file system] : Driver Group -> OK
[HKLM | Network\File system] : Driver Group -> OK
[HKLM | Network\Filter] : Driver Group -> OK
[HKLM | Network\NDIS] : Driver Group -> OK
[HKLM | Network\NDIS Wrapper] : Driver Group -> OK
[HKLM | Network\NetBIOSGroup] : Driver Group -> OK
[HKLM | Network\NetDDEGroup] : Driver Group -> OK
[HKLM | Network\Network] : Driver Group -> OK
[HKLM | Network\NetworkProvider] : Driver Group -> OK
[HKLM | Network\PCI Configuration] : Driver Group -> OK
[HKLM | Network\PNP Filter] : Driver Group -> OK
[HKLM | Network\PNP_TDI] : Driver Group -> OK
[HKLM | Network\Primary disk] : Driver Group -> OK
[HKLM | Network\SCSI Class] : Driver Group -> OK
[HKLM | Network\Streams Drivers] : Driver Group -> OK
[HKLM | Network\System Bus Extender] : Driver Group -> OK
[HKLM | Network\TDI] : Driver Group -> OK
[HKLM | Network\AFD] : Service -> OK
[HKLM | Network\AppMgmt] : Service -> OK
[HKLM | Network\Browser] : Service -> OK
[HKLM | Network\CryptSvc] : Service -> OK
[HKLM | Network\DcomLaunch] : Service -> OK
[HKLM | Network\Dhcp] : Service -> OK
[HKLM | Network\dmadmin] : Service -> OK
[HKLM | Network\dmserver] : Service -> OK
[HKLM | Network\DnsCache] : Service -> OK
[HKLM | Network\EventLog] : Service -> OK
[HKLM | Network\HelpSvc] : Service -> OK
[HKLM | Network\LanmanServer] : Service -> OK
[HKLM | Network\LanmanWorkstation] : Service -> OK
[HKLM | Network\LmHosts] : Service -> OK
[HKLM | Network\Messenger] : Service -> OK
[HKLM | Network\Ndisuio] : Service -> OK
[HKLM | Network\NetBIOS] : Service -> OK
[HKLM | Network\NetBT] : Service -> OK
[HKLM | Network\Netlogon] : Service -> OK
[HKLM | Network\NetMan] : Service -> OK
[HKLM | Network\NtLmSsp] : Service -> OK
[HKLM | Network\PlugPlay] : Service -> OK
[HKLM | Network\rdsessmgr] : Service -> OK
[HKLM | Network\RpcSs] : Service -> OK
[HKLM | Network\sharedaccess] : Service -> OK
[HKLM | Network\SRService] : Service -> OK
[HKLM | Network\Tcpip] : Service -> OK
[HKLM | Network\termservice] : Service -> OK
[HKLM | Network\vds] : -> Service
[HKLM | Network\WinMgmt] : Service -> OK
[HKLM | Network\WZCSVC] : Service -> OK
[HKLM | Network\dmboot.sys] : Driver -> OK
[HKLM | Network\dmio.sys] : Driver -> OK
[HKLM | Network\dmload.sys] : Driver -> OK
[HKLM | Network\ipnat.sys] : Driver -> OK
[HKLM | Network\ip6fw.sys] : Driver -> OK
[HKLM | Network\rdpcdd.sys] : Driver -> OK
[HKLM | Network\sr.sys] : FSFilter System Recovery -> OK
[HKLM | Network\{36FC9E60-C465-11CF-8056-444553540000}] : Universal Serial Bus controllers -> OK
[HKLM | Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] : CD-ROM Drive -> OK
[HKLM | Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] : DiskDrive -> OK
[HKLM | Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] : Standard floppy disk controller -> OK
[HKLM | Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : Hdc -> OK
[HKLM | Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : Keyboard -> OK
[HKLM | Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : Mouse -> OK
[HKLM | Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] : Net -> OK
[HKLM | Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] : NetClient -> OK
[HKLM | Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] : NetService -> OK
[HKLM | Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] : NetTrans -> OK
[HKLM | Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] : PCMCIA Adapters -> OK
[HKLM | Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : SCSIAdapter -> OK
[HKLM | Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : System -> OK
[HKLM | Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] : Floppy disk drive -> OK
[HKLM | Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : Volume -> OK
[HKLM | Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : Human Interface Devices -> OK

¤¤¤¤¤¤¤¤¤¤ | IFEO


¤¤¤¤¤¤¤¤¤¤ | Mountpoints2

Deleted : HKU\S-1-5-21-2025429265-583907252-839522115-1004 | {9379975c-d721-11e1-a645-0019db299076} | AutoRun\command] : M:\Startme.exe
Deleted : HKU\S-1-5-21-2025429265-583907252-839522115-1004 | {a56e459c-c859-11e1-a0e4-0019db299076} | AutoRun\command] : M:\TX_Music_USB_DN.exe


¤¤¤¤¤¤¤¤¤¤ | Windows

[HKLM | Session Manager\SubSystems]|[Windows] : winsrv : %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[AppInit_DLLS] :
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 1

[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[Programs] : com exe bat pif cmd

¤¤¤¤¤¤¤¤¤¤ | Security Center

[HKLM | Security Center]|[FirstRunDisabled] : 1
[HKLM | Security Center]|[AntiVirusDisableNotify] : 0
[HKLM | Security Center]|[AntiVirusOverride] : 0
[HKLM | Security Center]|[FirewallDisableNotify] : 0
[HKLM | Security Center]|[FirewallOverride] : 0
[HKLM | Security Center]|[UpdatesDisableNotify] : 0

[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKLM\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKLM | FirewallPolicy\StandardProfile]|[DisableNotifications] : 0

¤¤¤¤¤¤¤¤¤¤ | Services Corrections

[RPCSS] : 2 : Actif
[srService] : 2 : Inactif
[PlugPlay] : 2 : Actif
[Parvdm] : 2 : Inactif
[lmhosts] : 2 : Actif
[LanmanWorkstation] : 2 : Actif
[LanmanServer] : 2 : Actif
[Audiosrv] : 2 : Actif
[ERSvc] : 2 : Actif
[Bits] : 3 -> 2 : Inactif
[CryptSvc] : 3 -> 2 : Actif
[EapHost] : 3 -> 2 : Inactif
[SharedAccess] : 2 : Actif
[winmgmt] : 2 : Actif
[wuauserv] : 2 : Inactif
[wudfsvc] : 2 : Inactif
[wscsvc] : 2 : Inactif
[wzcsvc] : 2 : Inactif
[Ndisuio] : 3 : Inactif

16:23:56

¤¤¤¤¤¤¤¤¤¤ | Internet Explorer

[HKU\S-1-5-21-2025429265-583907252-839522115-1004 | Main]|[Start Page] : https://www.google.com/?gws_rd=ssl -> https://www.google.com/?gws_rd=ssl
[HKU\S-1-5-21-2025429265-583907252-839522115-1004 | Main]|[Local Page] : C:\WINDOWS\system32\blank.htm

[HKLM | Search]|[SearchAssistant] : -> http://www.google.com/toolbar/ie8/sidebar.html
[HKLM | Main]|[Start Page] : https://www.msn.com/fr-fr -> https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main]|[Local Page] : C:\WINDOWS\system32\blank.htm
[HKLM | Main]|[Default_Search_URL] : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
[HKLM | Main]|[Default_Page_URL] : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF -> https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main]|[Search Page] : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
[HKLM | AboutURLs]|[Tabs] : https://www.google.com/?gws_rd=ssl -> res://ieframe.dll/tabswelcome.htm

¤

[HKU\S-1-5-21-2025429265-583907252-839522115-1004 | PhishingFilter]|[EnabledV8] : 1
[HKU\S-1-5-21-2025429265-583907252-839522115-1004 | Internet settings]|[ProxyOverride] : <local> -> *.local
[HKU\S-1-5-21-2025429265-583907252-839522115-1004 | Internet settings]|[EnableHttp1_1] : 1
[HKU\S-1-5-19 | Internet settings]|[MigrateProxy] : 0 -> 1
[HKU\S-1-5-20 | Internet settings]|[MigrateProxy] : 0 -> 1
[HKU\S-1-5-21-2025429265-583907252-839522115-1004 | Internet settings]|[MigrateProxy] : 1
[HKU\S-1-5-18 | Internet settings]|[MigrateProxy] : 0 -> 1
[HKU\S-1-5-21-2025429265-583907252-839522115-1004 | Internet settings]|[AutoConfigProxy] : wininet.dll


¤¤¤¤¤¤¤¤¤¤ | Firefox


Profile : 2f69gkgq.default

user_pref("browser.download.lastDir", "C:\\Documents and Settings\\Jacques\\Bureau");
user_pref("browser.startup.homepage", "https://www.google.fr/?gws_rd=ssl");
user_pref("browser.startup.homepage_override.buildID", "20120905151427");
user_pref("browser.startup.homepage_override.mstone", "15.0.1");
line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^http(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");

¤¤¤¤¤¤¤¤¤¤ | Extensions | Plugins

C:\Documents and Settings\Jacques\Application Data\Mozilla\Firefox\Profiles\2f69gkgq.default\extensions\23baa9e5b844e7c436f5970881824514ece44c7b@builder.extensionfactory.com
C:\Documents and Settings\Jacques\Application Data\Mozilla\Firefox\Profiles\2f69gkgq.default\extensions\DivXWebPlayer@divx.com.xpi
C:\Documents and Settings\Jacques\Application Data\Mozilla\Firefox\Profiles\2f69gkgq.default\extensions\elemhidehelper@adblockplus.org.xpi
C:\Documents and Settings\Jacques\Application Data\Mozilla\Firefox\Profiles\2f69gkgq.default\extensions\fastdebrid@gmail.com.xpi
C:\Documents and Settings\Jacques\Application Data\Mozilla\Firefox\Profiles\2f69gkgq.default\extensions\mozilla_cc@internetdownloadmanager.com
C:\Documents and Settings\Jacques\Application Data\Mozilla\Firefox\Profiles\2f69gkgq.default\extensions\real@debrid
C:\Documents and Settings\Jacques\Application Data\Mozilla\Firefox\Profiles\2f69gkgq.default\extensions\translator@zoli.bod.xpi
C:\Documents and Settings\Jacques\Application Data\Mozilla\Firefox\Profiles\2f69gkgq.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
C:\Documents and Settings\Jacques\Application Data\Mozilla\Firefox\Profiles\2f69gkgq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
C:\Program Files\Mozilla Firefox\searchplugins\google.xml
C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml


¤¤¤¤¤¤¤¤¤¤ | DNS

[HKLM\SYSTEM\CCS | Tcpip\Parameters]|[DhcpNameServer] : 192.168.1.1
[HKLM\SYSTEM\ControlSet001 | Interfaces\{C714CA58-43A3-4738-A940-BA2E884BF422}]|[DhcpNameServer] : 192.168.1.1
[HKLM\SYSTEM\ControlSet003 | Interfaces\{C714CA58-43A3-4738-A940-BA2E884BF422}]|[DhcpNameServer] : 192.168.1.1
[HKLM\SYSTEM\CurrentControlSet | Interfaces\{C714CA58-43A3-4738-A940-BA2E884BF422}]|[DhcpNameServer] : 192.168.1.1

¤¤¤¤¤¤¤¤¤¤ | Hosts

C:\WINDOWS\System32\Drivers\etc\hosts : Cleaned :)

¤¤¤¤¤¤¤¤¤¤ | Files | Folders | Registry

Quarantined and deleted Successfully : |ASH| - C:\Recycler\S-1-5-21-2025429265-583907252-839522115-1004\desktop.ini
Quarantined and deleted Successfully : |AH| - C:\Recycler\S-1-5-21-2025429265-583907252-839522115-1004\INFO2
Quarantined and deleted Successfully : |ASH| - C:\Recycler\S-1-5-21-2025429265-583907252-839522115-500\desktop.ini
Quarantined and deleted Successfully : |AH| - C:\Recycler\S-1-5-21-2025429265-583907252-839522115-500\INFO2
Deleted : [HKLM\Software\Mircrosoft]

Quarantined and deleted Successfully : C:\WINDOWS\002585_.tmp
Quarantined and deleted Successfully : C:\WINDOWS\DUMP465f.tmp
Quarantined and deleted Successfully : C:\WINDOWS\DUMP5062.tmp
Quarantined and deleted Successfully : C:\WINDOWS\DUMP517b.tmp
Impossible to move : C:\WINDOWS\msdownld.tmp
Quarantined and deleted Successfully : C:\WINDOWS\SET25.tmp
Quarantined and deleted Successfully : C:\WINDOWS\SET3.tmp
Quarantined and deleted Successfully : C:\WINDOWS\SET4.tmp
Quarantined and deleted Successfully : C:\WINDOWS\SET8.tmp
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\9b93aee4-5d0f-43c6-98ae-ec0b1e7534ab\CliSecureRT.dll
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\AdobeARM.log
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Arabic.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Czech.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Danish.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Dutch.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\English.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Finnish.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\French.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\German.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Greek.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Hebrew.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Hungarian.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Italian.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Japanese.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\jusched.log
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\KiesInstall.Log
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Korean.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Norwegian.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Polish.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Portuguese(Brazil).bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Portuguese.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Russian.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\SimChin.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Spanish.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\SWEDISH.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Thai.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\TradChin.bin
Quarantined and deleted Successfully : C:\DOCUME~1\Jacques\LOCALS~1\Temp\Turkish.bin
Impossible to move : C:\DOCUME~1\Jacques\LOCALS~1\Temp\~DF17FB.tmp
Quarantined and deleted Successfully : C:\WINDOWS\Temp\logishrd\LVPrcInj01.dll
Impossible to move : C:\Documents and Settings\Jacques\Application Data\3d3.com
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\79g7gg.sys
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\Bubble Dock.boostrap.log
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\Bubble Dock.installation.log
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\DAEMON Tools Lite\ImgList.dat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\Grand Theft Auto IV.bat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\IDM\cnlurllist.dat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\IDM\defextmap.dat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\IDM\GlobalErrors.log
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\IDM\idmupdt.exe
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\IDM\sts_list.dat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\IDM\urlexclist.dat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\m4ng\ffmpeg_debug.bat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\m4ng\goaudio.bat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\m4ng\m4ng_protect.dat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\WinRAR\version.dat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\Microsoft\HTML Help\hh.dat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\Microsoft\MSXML2\msxml4.dll
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\Microsoft\MSXML2\msxml4a.dll
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\Microsoft\MSXML2\msxml4r.dll
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\Microsoft\Office\fbc1ED.tmp
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\Microsoft\OIS\Toolbars.dat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\Microsoft\UProof\CMAdj.12.bin
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Application Data\Microsoft\Word\ListGal.dat
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Local Settings\Application Data\SecondLife\avatar_name_cache.xml
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Local Settings\Application Data\SecondLife\data.db2.x.31827
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Local Settings\Application Data\SecondLife\index.db2.x.31827
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Local Settings\Application Data\Yummy Interactive Inc\Yummy.Core.Logging.Log
Impossible to move : C:\Documents and Settings\Jacques\Local Settings\Application Data\Yummy_Interactive_Inc\yummy.launcher.exe_Url_r5admtc1zfcvqvcyfxfadaz12vmie31z
Quarantined and deleted Successfully : C:\Documents and Settings\All Users\Application Data\Copernic\CopernicSystemPro.dll
Quarantined and deleted Successfully : C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite\license.dat
Quarantined and deleted Successfully : C:\Documents and Settings\All Users\Application Data\FLEXnet\SRSLABS_00988c00_tsf.data
Quarantined and deleted Successfully : C:\Documents and Settings\All Users\Application Data\FLEXnet\SRSLABS_00988c00_tsf.data_backup.001
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\CCCInstall_201105311510158750.log
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\debug.log

16:29:36

Impossible to move : C:\Documents and Settings\Jacques\Menu Démarrer\Programmes\Internet Download Manager
Impossible to move : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Internet Download Manager
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Menu Démarrer\Video Converter Uninstall Video Converter.lnk
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Bureau\2_g10.jpg
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Bureau\amnesia_tdd_demo_1.0.zip
Quarantined and deleted Successfully : C:\WINDOWS\XSxS
Quarantined and deleted Successfully : |D| - C:\Documents and Settings\Jacques\Application Data\Sun\Java\Deployment\cache\6.0
Quarantined and deleted Successfully : C:\Documents and Settings\Jacques\Modèles\SamsungKiesSetup.exe
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\0000E33B.EXE-0241C562.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\ACRORD32.EXE-19C3D96E.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\ADWCLEANER_4.EXE-1E95ABD6.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\AU_.EXE-310F5602.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\AVASTEMUPDATE.EXE-033BD90D.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\AVASTSVC.EXE-2FF42CC2.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\AVASTUI.EXE-0B3C80E5.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\BABYLONTOOLBARSRV.EXE-08CD5ADB.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\CCC.EXE-2F1AF7F1.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\CCLEANER.EXE-0BCE437C.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\CHROME.EXE-06157C0F.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\CHROME.EXE-06157C12.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\CLISTART.EXE-315E0C43.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\COCIMANAGER.EXE-046DBC57.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\CONNECTIONMANAGER.EXE-02857AA2.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\CONNECTIONMANAGER.EXE-3A872C5F.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\CONTROL.EXE-013DBFB5.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\DEVICEDATASERVICE.EXE-2C6EB740.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\DEVICEMANAGER.EXE-201B4FE9.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\DEVICEMANAGER.EXE-30082278.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\DGDERSVC.EXE-154C9497.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\DRWTSN32.EXE-2B4B52AC.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\FACEBOOKUPDATE.EXE-2B2AE61C.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\FLASHPLAYERINSTALLER.EXE-202A7CDB.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-34BC5027.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\FSUSBEXADMIN.EXE-33161A3A.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\FSUSBEXSERVICE.EXE-270893C6.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\GOOGLECRASHHANDLER.EXE-1A47A643.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\GOOGLECRASHHANDLER.EXE-2AE91E26.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-04BDC9B8.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-1E123D86.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\GOOGLEUPDATESETUP.EXE-02B7C4DB.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\GROOVE.EXE-1C3B05AB.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\HELPCTR.EXE-3862B6F5.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\IEMONITOR.EXE-2D8B91C4.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\IS64TEST.EXE-08DCB656.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\ISEXISTPROCESS.EXE-144889FD.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\JAVA.EXE-0C263507.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\JAVAW.EXE-2DC32ABC.pf
Quarantined and deleted successfully : C:\WINDOWS\Prefetch\J

jacknico (member, 26 posts)

OK, I'll do that!

jacknico (member, 26 posts)

cjoint isn't working and neither is pjjoint??? How can I send you the report?

Anonymous user

Yes, they work..... it's too long, it doesn't fit....

Zip it if need be and try sending the archive.

jacknico (member, 26 posts)

jacknico (member, 26 posts)

Anonymous user

? What is it that you sent???????

jacknico (member, 26 posts)

The first scan I did with Pre_Scan, compressed with WinRAR

jacknico (member, 26 posts)

I did a second one, do you want it too?

Anonymous user

Host them here instead, I can't open them

https://www.cjoint.com/

jacknico (member, 26 posts)

The first scan:

http://cjoint.com/12sp/BIzwnISwq9e.htm

The second one:

https://www.cjoint.com/?BIzwoQUIFmY

Anonymous user

Run the tool again, click Diag, then host the report on cjoint.com

jacknico (member, 26 posts)

jacknico (member, 26 posts)

Anonymous user

Warning!!! Remember to disable your protections again

Click this link: https://www.cjoint.com/?BIzxwtPBfkT

Select all the text there with CTRL+A, then CTRL+C or right-click/Copy

Run Pre_Scan again, then choose the "Script" option

A page will open

Normally the text you selected is already in it, so you close it and the program will get to work.

Otherwise paste it (right-click/Paste or CTRL+V) into the blank page.

Then File menu => Save (not Save As...), then close the text file

Black windows may flash; that's normal, it's the program working

Post Pre_Script.txt, which will appear on the desktop when it finishes

jacknico (member, 26 posts)

Hello, I've just run the Script option, here is the report:

https://www.cjoint.com/?BIAjhKXGwBw

jacknico (member, 26 posts)

After this cleanup, what should I do now to get my system back to a good configuration? I still have the same problems caused by the virus.

Anonymous user

Look in the taskbar properties to see whether the theme has been changed

jacknico (member, 26 posts)

No, apparently not, the only option I have left is the Windows Classic display????

I've had another big problem since this started: when I launch the online game World of Tanks, the computer immediately lags badly and I see a ping between 400 and 700 during the game! Normally my ping is 35, no more.

And when I close the game because it's unplayable, the mouse is sluggish and jerky! In short, it's weird?

If you have a solution for this problem, I'm all ears

Thanks in advance

Anonymous user

jacknico (member, 26 posts)

I've just finished with Dr Web; 4 more files were quarantined!

I'm going to test my PC, I'll keep you posted

Anonymous user

If we could read the report, that would be good.....

jacknico (member, 26 posts)

I can't find it .... I'll keep looking! lol

Sorry for my incompetence in this area, and above all a big thank you for the help you're giving me!

jacknico (member, 26 posts)

I found it; it's an Excel file, and I was looking for a text file.

https://www.cjoint.com/?BIBuhUjcDPV

jacknico (member, 26 posts)

I downloaded the XP theme and wanted to put it in C:\WINDOWS\Resources\Themes, and surprise, it was still there, but it can't be applied: I get an error message telling me it isn't running, and when I go to open it, that screws up too. I don't understand any of it anymore.