PC problems
baba4444 - Posts: 33 - Status: Member
g3n-h@ckm@n - Posts: 14350 - Status: Member
Hello,
Like many people, I have a PC problem, so I don't know whether I'm on the right forum, but I'm giving it a try. Feel free to redirect me if I should ask my question elsewhere...
So here is a short list of the problems affecting my PC.
- After startup, after a few minutes, my PC freezes. I can still move the mouse, but I can't click anywhere. The clock freezes too. My Skype calls stop. It lasts about 5 minutes, then the clock readjusts, everything goes back to normal, and I know the PC won't freeze again as long as it stays on.
- The PC is getting slower and slower to start.
Since yesterday, it has been checking the components one by one before starting Windows.
- Likewise, since yesterday, my taskbar has been in the Windows XP style, without my having asked for anything.
- When I turn on the PC I always have a few things to close, things that don't have access to what they want, things that want to install themselves without my knowing what they are, ... usually 2 or 3.
My PC is a bit old, 2010, but still, in the end it seems like a lot, and it's quite a handicap.
Would anyone know where to start to improve all this?
Thanks in advance!
26 replies
hi
Download and save (direct link) ADWCleaner to your desktop:
Don't click on Download, wait for the download confirmation window to appear
Run it (for Vista/7/8 => right-click "Run as administrator")
click on Delete and post C:\Adwcleaner[Sx].txt
Hello,
Thanks for your reply. I tried.
Download, then scan (I assume that's what you were asking for, even though you didn't write it, right?), then clean.
Is it normal that the cleaning seems to take quite a long time? I launch it, I see something like "deleting folders", and it stops there; nothing moves for more than 15 minutes. Is that normal? If so I'll run it again...
hello
I was only asking for the cleaning; I know why I have people use the tools, I don't need a scan report to confirm what I already see lol ^^
if it hangs, disable your protections, they are certainly what is blocking it
Sorry, I won't be able to do it today, it'll be tomorrow evening.
I can't check right now, but I'm not really sure I can click on "Clean" without going through the scan.
Anyway, I'll report back on this topic Thursday evening, I'll tell you more then.
Thanks!
Yes, since I followed your link.
Anyway, I'll get back to you when I have the software in front of me, tomorrow evening.
When you talk about protections to remove, what do you mean?
Hello,
In the end I was able to get onto my PC.
So I disabled AVG for a few minutes, launched ADWCleaner, couldn't click on Clean, so I ran a scan, then cleaned. This time it worked. Restarted the computer, and here is the report:
# AdwCleaner v3.000 - Rapport créé le 22/08/2013 à 00:44:11
# Mis à jour le 20/08/2013 par Xplode
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Nom d'utilisateur : Médéric - PC-DE-MÉDÉRIC
# Exécuté depuis : C:\Users\Médéric\Desktop\AdwCleaner.exe
# Option : Nettoyer
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****
Dossier Supprimé : C:\Users\Médéric\AppData\Roaming\Complitly
Dossier Supprimé : C:\Users\Médéric\AppData\Roaming\pdfforge
Dossier Supprimé : C:\Users\Médéric\AppData\Roaming\Mozilla\Firefox\Profiles\euyz5on4.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516}
Fichier Supprimé : C:\Users\Médéric\Desktop\cacaoweb.exe
Fichier Supprimé : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Fichier Supprimé : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
Fichier Supprimé : C:\Users\Médéric\AppData\Roaming\Mozilla\Firefox\Profiles\euyz5on4.default\user.js
***** [ Raccourcis ] *****
***** [ Registre ] *****
Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Clé Supprimée : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Clé Supprimée : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Clé Supprimée : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Clé Supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Clé Supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap
Clé Supprimée : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Clé Supprimée : HKLM\SOFTWARE\Classes\S
Clé Supprimée : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Clé Supprimée : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Clé Supprimée : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Clé Supprimée : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Clé Supprimée : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Clé Supprimée : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Clé Supprimée : HKCU\Software\AVG Secure Search
Clé Supprimée : HKCU\Software\Complitly
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\YahooPartnerToolbar
Clé Supprimée : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Clé Supprimée : HKLM\Software\AVG Secure Search
Clé Supprimée : HKLM\Software\AVG Security Toolbar
Clé Supprimée : HKLM\Software\Babylon
Clé Supprimée : HKLM\Software\SimplyGen
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4EF8BE6A-899C-4196-94E7-297C5F7A203E}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
***** [ Navigateurs ] *****
-\\ Internet Explorer v9.0.8112.16502
-\\ Mozilla Firefox v23.0.1 (fr)
[ Fichier : C:\Users\Médéric\AppData\Roaming\Mozilla\Firefox\Profiles\euyz5on4.default\prefs.js ]
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.babExt", "");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=108988");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.hardId", "d8b5a81f00000000000000242c71ed12");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.id", "d8b5a81f00000000000000242c71ed12");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.instlDay", "15361");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1718:54:08");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Ligne Supprimée : user_pref("extensions.illimitux.ilx_pref_pt_veoh", true);
*************************
AdwCleaner[R0].txt - [13424 octets] - [20/08/2013 22:52:35]
AdwCleaner[R1].txt - [13485 octets] - [20/08/2013 22:57:34]
AdwCleaner[R2].txt - [12744 octets] - [20/08/2013 23:26:46]
AdwCleaner[R3].txt - [12581 octets] - [22/08/2013 00:43:07]
AdwCleaner[S0].txt - [1354 octets] - [20/08/2013 22:58:51]
AdwCleaner[S1].txt - [451 octets] - [20/08/2013 23:28:23]
AdwCleaner[S2].txt - [12233 octets] - [22/08/2013 00:44:11]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [12294 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.2 (08.20.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by M'd'ric on 22/08/2013 at 1:02:19,85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?
Value Name Type Value Data
========================================================================================
sysinfo REG_SZ C:\Windows\system32\rundll32.exe C:\Users\MDRIC~1\AppData\Local\Temp\1632861534Wsy.dll,Sets
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a6eb8fe4c9986914497e92c7f5a702e3
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{F26D5FFB-ABF5-48D7-9FD4-57906179FA38}
~~~ Files
Successfully deleted: [File] "C:\Windows\system32\funshion.ini"
~~~ Folders
Successfully deleted: [Folder] "C:\Users\M'd'ric\funshion"
Successfully deleted: [Folder] "C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}"
~~~ FireFox
Successfully deleted: [File] C:\user.js
Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\avg_igeared.xml"
Successfully deleted the following from C:\Users\M'd'ric\AppData\Roaming\mozilla\firefox\profiles\euyz5on4.default\prefs.js
user_pref("google.toolbar.search-icon", "data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7PT7/3zF6/9Ptu//RbHx/
Emptied folder: C:\Users\M'd'ric\AppData\Roaming\mozilla\firefox\profiles\euyz5on4.default\minidumps [153 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22/08/2013 at 1:07:10,13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
hello
run this:
https://www.security-helpzone.com/2013/04/17/malwarebytes-anti-malware-mbam-detecteur-generaliste-de-menaces/
run this:
http://security-helpzone.com/gen-hackman/tutos-canneds/otl-2/
Hi,
extra :
https://www.cjoint.com/c/CHynfahs9LF
OTL :
http://cjoint.com/?CHynglNXZ1v
and the Malwarebytes report:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Version de la base de données: v2013.08.22.10
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Médéric :: PC-DE-MÉDÉRIC [administrateur]
23/08/2013 08:45:52
mbam-log-2013-08-23 (08-45-52).txt
Type d'examen: Examen complet (C:\|D:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 486603
Temps écoulé: 3 heure(s), 42 minute(s), 57 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 1
HKCU\SOFTWARE\ineufbr1v (Malware.Trace) -> Mis en quarantaine et supprimé avec succès.
Valeur(s) du Registre détectée(s): 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|sysinfo (Trojan.Downloader) -> Données: C:\Windows\system32\rundll32.exe C:\Users\MDRIC~1\AppData\Local\Temp\1632861534Wsy.dll,Sets -> Mis en quarantaine et supprimé avec succès.
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
Fichier(s) détecté(s): 6
C:\$Recycle.Bin\S-1-5-21-2238331092-3243301652-1097947513-1000\$RG99A4X.tmp (Trojan.FakeHDD) -> Mis en quarantaine et supprimé avec succès.
C:\$Recycle.Bin\S-1-5-21-2238331092-3243301652-1097947513-1000\$RA5PDLB.exe (Adware.Dropper) -> Mis en quarantaine et supprimé avec succès.
C:\$Recycle.Bin\S-1-5-21-2238331092-3243301652-1097947513-1000\$RF1XP8V.tmp (Trojan.FakeHDD) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Médéric\Desktop\Downloads\install_www--6764-JDownloader.exe (Trojan.Banker) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Médéric\Desktop\Downloads\FunshionInstall_C57944.exe (PUP.Funshion) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Médéric\funshion.ini (PUP.Funshion) -> Mis en quarantaine et supprimé avec succès.
(fin)
uninstall Spybot, it's utter garbage
uninstall all of Java
==
run Pre_scan
http://security-helpzone.com/gen-hackman/pre_scan-2/canned-speech/
you tried to launch Firefox during the scan, naughty ^^
run the tool again, click on diag, upload the report c:\pre_diag_xx_xx_xx.txt, then post the link
https://www.cjoint.com/c/CHAkwshPtbu
The first time I must have done it without paying attention. This time it should be fine...
select this text, then press CTRL + C
Kill::
yes
Key::
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Funshion]
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar]|[{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
[HKU\S-1-5-21-2238331092-3243301652-1097947513-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar]|[Locked]
[HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Toolbar]|[Locked]
[HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}]
[HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
[HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
[HKLM\Software\mozilla\Firefox\Extensions]|[avg@igeared]
[HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules]|[TCP Query User{DD1C0EBD-D6DA-461D-91EC-0043567D6653}C:\users\médéric\appdata\roaming\cacaoweb\cacaoweb.exe]
[HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules]|[UDP Query User{AACC248C-6261-48AE-A746-785843133991}C:\users\médéric\appdata\roaming\cacaoweb\cacaoweb.exe]
[HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules]|[funshiontcp]
[HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules]|[funshionudp]
File|Fold::
C:\Users\Médéric\AppData\Roaming\Mozilla\Firefox\Profiles\euyz5on4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
C:\cd985c499562abc3278ef73348a5
C:\e2381ee526fb65e076df34
C:\5ba038b4aafcffc75cc905fa
C:\050817adc1f2f7e2d1a89361183e
C:\3102fe3942e494dc9b6a
C:\d8d89c40ef90c3cac2
C:\Windows\Installer\{4EF8BE6A-899C-4196-94E7-297C5F7A203E}
C:\Users\Médéric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
C:\Users\Médéric\AppData\Roaming\vlc(114)
C:\ProgramData\McAfee
C:\ProgramData\p4780LaFaFnF0322
C:\ProgramData\37281528
C:\ProgramData\Spybot - Search & Destroy
C:\Program Files\Mozilla Firefoxavg-secure-search.xml
C:\Program Files\Spybot - Search & Destroy
Driver::
MFEAVFK
MFEBOPK
MFEHIDK
MFEHIDK01
MFERKDK
MFESMFK
vToolbarUpdater15.5.0
MBR::
yes
Clean::
yes
Reboot::
yes
Run Pre_scan again, then choose the "Script" option. The tool will start working immediately
black windows may flash, that's normal, it's the program working
post Pre_Script_date_heure.txt, which will appear at the root of the system drive (usually c:\) when the work is finished