Windows Explorer has stopped working, in a loop

Closed
ShadowLee Posts: 53 Registered: Tuesday 27 August 2013 Status: Member Last activity: 1 September 2013 - Edited by ShadowLee on 27/08/2013 at 05:39
sevriolain - 26 Oct. 2013 at 14:20
Hello,

I know this has already been asked, and answered by "jfkpresident" in another person's thread, but I don't know whether it is the same for me, and I am, how shall I put it, very limited when it comes to computers.

So I keep getting the message "Explorateur Windows a cessé de fonctionner" ("Windows Explorer has stopped working") in a loop; it searches and restarts in a loop roughly every 2-5 min.

I went through quite a few sites looking for a solution, but nobody really gives a concrete one; only "jfkpresident" was able to give one.

I hope I'm not bothering you with this.

Thanks in advance.

PS: I've gone to bed, I had just got home from work; I'll be back around 12:00-13:00
63 replies

g3n-h@ckm@n Posts: 13238 Registered: Thursday 31 January 2013 Status: Member Last activity: 24 February 2022 948
27 August 2013 at 08:09
hi

when exactly does it happen? even if you aren't doing anything?

ShadowLee Posts: 53 Registered: Tuesday 27 August 2013 Status: Member Last activity: 1 September 2013
27 August 2013 at 13:34
Hello, it happens at any time, every 2 min

ShadowLee Posts: 53 Registered: Tuesday 27 August 2013 Status: Member Last activity: 1 September 2013
27 August 2013 at 15:07
hi

I know there are a lot of people, but if someone could take care of me before I leave for work, thanks

g3n-h@ckm@n Posts: 13238 Registered: Thursday 31 January 2013 Status: Member Last activity: 24 February 2022 948
27 August 2013 at 22:38

/!\ WARNING: FOLLOW THESE INSTRUCTIONS TO THE LETTER /!\


Disable your protections: https://forum.pcastuces.com/default.asp

Download Combofix here and save it to your desktop

rename combofix to whatever you like (important to counter certain infections)

if you have XP => double-click
if you have Vista or Windows 7 => right-click "Run as...."


on the renamed combofix

¤¤¤¤¤¤¤¤¤¤ LET IT INSTALL THE RECOVERY CONSOLE IF IT ASKS YOU TO ¤¤¤¤¤¤¤¤¤¤

▶ !!!!!DO NOT TOUCH ANYTHING WHILE COMBOFIX IS WORKING (MOUSE/KEYBOARD.....)!!!!!

▶ don't forget to re-enable the real-time protection of your antivirus and antispyware tools before reconnecting to the internet.

▶▶ Come back to the forum, and copy and paste the entire contents of C:\Combofix.txt into your next message.


▶▶▶ If, after combofix restarts your PC, you get "Clé marquée pour suppression" ("Key marked for deletion") errors or internet connection problems, restart your computer again



ShadowLee Posts: 53 Registered: Tuesday 27 August 2013 Status: Member Last activity: 1 September 2013
28 August 2013 at 03:33
good evening,

ComboFix 13-08-27.02 - yohann 28/08/2013 2:50.1.4 - x86
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.3031.1218 [GMT 2:00]
Lancé depuis: c:\users\yohann\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\DealPly
c:\program files\DealPly\DealPlyTune.dll
c:\windows\system32\Config.ini
c:\windows\system32\sound
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2013-07-28 au 2013-08-28 ))))))))))))))))))))))))))))))))))))
.
.
2013-08-28 00:42 . 2013-08-28 00:42 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{05C70EE0-CA64-4423-9AA6-BA7369333398}\MpKsl868574da.sys
2013-08-27 02:09 . 2013-08-27 02:11 -------- d-----w- c:\program files\ZHPDiag
2013-08-27 02:09 . 2013-08-27 02:11 -------- d-----w- C:\ZHP
2013-08-26 14:38 . 2013-08-06 07:28 7166848 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{05C70EE0-CA64-4423-9AA6-BA7369333398}\mpengine.dll
2013-08-26 14:26 . 2013-08-06 07:28 7166848 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-08-26 14:08 . 2013-08-27 02:24 -------- d-----w- c:\program files\ma-config.com
2013-08-26 14:08 . 2013-08-26 14:08 -------- d-----w- c:\programdata\ma-config.com
2013-08-26 03:35 . 2013-08-26 03:35 -------- d-----w- c:\users\yohann\AppData\Roaming\Malwarebytes
2013-08-26 03:34 . 2013-08-26 03:34 -------- d-----w- c:\programdata\Malwarebytes
2013-08-26 03:34 . 2013-08-26 15:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-08-26 01:23 . 2013-08-26 01:23 -------- d-----w- c:\users\yohann\AppData\Roaming\Systweak
2013-08-26 01:23 . 2013-08-26 15:25 -------- d-----w- c:\program files\RegClean Pro
2013-08-22 12:32 . 2013-08-22 12:32 697992 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9C3B02CC-3E8C-4921-8408-7122EF3DBBCF}\gapaengine.dll
2013-08-18 14:02 . 2013-08-18 14:02 -------- d-----w- c:\programdata\Hi-Rez Studios
2013-08-13 22:22 . 2013-07-09 04:50 652800 ----a-w- c:\windows\system32\rpcrt4.dll
2013-08-13 22:22 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\system32\crypt32.dll
2013-08-13 22:22 . 2013-07-09 04:52 175104 ----a-w- c:\windows\system32\wintrust.dll
2013-08-13 22:22 . 2013-07-09 04:46 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-08-13 22:22 . 2013-07-09 04:46 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-08-13 22:22 . 2013-07-09 05:03 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-08-13 22:22 . 2013-07-09 05:03 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-13 22:22 . 2013-07-09 04:53 1289096 ----a-w- c:\windows\system32\ntdll.dll
2013-08-13 22:22 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-13 22:22 . 2013-07-06 05:05 1293760 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-08-13 22:22 . 2013-07-19 01:41 2048 ----a-w- c:\windows\system32\tzres.dll
2013-08-13 22:22 . 2013-06-15 03:38 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2013-08-10 20:40 . 2013-08-10 20:40 -------- d-----w- c:\users\yohann\AppData\Roaming\Unity
2013-08-10 20:38 . 2013-08-10 20:38 -------- d-----w- c:\users\yohann\AppData\Local\Unity
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-21 13:52 . 2012-04-21 19:10 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-21 13:52 . 2011-05-28 18:26 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-18 17:12 . 2011-08-21 22:33 698504 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-06-30 10:28 . 2013-06-30 10:28 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-30 10:28 . 2012-07-06 13:26 867240 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-06-30 10:28 . 2011-09-30 00:14 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-18 19:50 . 2013-06-18 19:50 211560 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-06-18 19:50 . 2010-10-24 19:25 107392 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-06-05 03:05 . 2013-07-09 18:20 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 04:53 . 2013-07-09 18:20 509440 ----a-w- c:\windows\system32\qedit.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\yohann\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-06-20 995176]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
WiFi Station N.lnk - c:\program files\Hercules\WiFiStationN\WiFiN.exe -s [2012-6-16 128296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-06-21 162408]
R3 cpuz135;cpuz135;c:\users\yohann\AppData\Local\Temp\cpuz135\cpuz135_x32.sys [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 jgameenp;jgameenp;c:\users\yohann\AppData\Local\Temp\jgameenp.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 107392]
R3 NisSrv;Inspection du réseau Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2013-06-20 295376]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-05-11 4330168]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-28 1343400]
S1 MpKsl868574da;MpKsl868574da;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{05C70EE0-CA64-4423-9AA6-BA7369333398}\MpKsl868574da.sys [2013-08-28 29904]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 HerculesWiFi;HerculesWiFi;c:\windows\system32\\HerculesWiFiService.exe [2010-11-17 53544]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;d:\program files\Hi-Rez Studios\HiPatchService.exe [2013-08-13 9216]
S2 MaConfigAgent;Ma-Config Agent;c:\program files\ma-config.com\MaConfigAgent.exe [2013-08-22 1783632]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]
S3 dc3d;Pilote de détection des périphériques Microsoft Hardware;c:\windows\system32\DRIVERS\dc3d.sys [2013-05-06 65200]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 603240]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - MPKSL868574DA
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contenu du dossier 'Tâches planifiées'
.
2013-08-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-21 13:52]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local>
Trusted Zone: ma-config.com
Trusted Zone: touslesdrivers.com
TCP: DhcpNameServer = 80.10.46.232 80.10.46.232
FF - ProfilePath - c:\users\yohann\AppData\Roaming\Mozilla\Firefox\Profiles\7wfkqo5y.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=3B8E900F-0C47-43BD-B534-7495472AAA6C&apn_ptnrs=&apn_sauid=B3579399-6631-4EBC-ABEA-97AC12313001&apn_dtid=OSJ000&&q=
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110818
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 242053690000000000004061868fc9b9
FF - user.js: extensions.BabylonToolbar_i.hardId - 242053690000000000004061868fc9b9
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15434
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1715:49
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
user_pref('extensions.dealply.partner', 'iron');
user_pref('extensions.dealply.channel', 'iron3');
user_pref('extensions.dealply.installId', 'v23600246184174247775142012040415501821');
user_pref('extensions.dealply.installIdSource', 'inst');
user_pref('extensions.dealply.sampleGroup', '1');
.
- - - - ORPHELINS SUPPRIMES - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\Ask.com\GenericAskToolbar.dll
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_8fa3539.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2013-08-28 02:59:33
ComboFix-quarantined-files.txt 2013-08-28 00:59
.
Avant-CF: 80 342 302 720 octets libres
Après-CF: 80 290 832 384 octets libres
.
- - End Of File - - B534A390A60A256B847A887A2F3D3B63
A36C5E4F47E84449FF07ED3517B43A31

I hope this helps you; for your information, I don't use an antivirus

g3n-h@ckm@n Posts: 13238 Registered: Thursday 31 January 2013 Status: Member Last activity: 24 February 2022 948
Edited by g3n-h@ckm@n on 28/08/2013 at 08:30
uninstall McAfee Security Scan Plus, it's useless
uninstall RegClean Pro, it's junk

==

Download and save (direct link) http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner ADWCleaner to your desktop:

Run it (for Vista/7/8 => right-click "Run as administrator"), then click Scan

once that is done, click Clean and post C:\Adwcleaner[Sx].txt

==

run this:

http://security-helpzone.com/gen-hackman/tutos-canneds/junkware-removal-tool/

¤¤¤¤¤¤¤¤¤¤_Pre_Scan_Concept_¤¤¤¤¤¤¤¤¤¤
Soon to be unsubscribed from Commentcamarche...

ShadowLee Posts: 53 Registered: Tuesday 27 August 2013 Status: Member Last activity: 1 September 2013
28 August 2013 at 12:16
first report, from AdwCleaner:

# AdwCleaner v3.001 - Rapport créé le 28/08/2013 à 11:55:31
# Mis à jour le 24/08/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (32 bits)
# Nom d'utilisateur : yohann - YOHANN-PC
# Exécuté depuis : C:\Users\yohann\Downloads\adwcleaner.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\ProgramData\Ask
Dossier Supprimé : C:\ProgramData\Babylon
Dossier Supprimé : C:\Users\yohann\AppData\Local\Babylon
Dossier Supprimé : C:\Users\yohann\AppData\Local\PackageAware
Dossier Supprimé : C:\Users\yohann\AppData\Roaming\Babylon
Dossier Supprimé : C:\Users\yohann\AppData\Roaming\Systweak
Fichier Supprimé : C:\Users\yohann\AppData\Roaming\Mozilla\Firefox\Profiles\9ct7lyzh.Go2-Chloé\searchplugins\Askcom.xml
Fichier Supprimé : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
Fichier Supprimé : C:\Users\yohann\AppData\Roaming\Mozilla\Firefox\Profiles\7wfkqo5y.default\user.js

***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Clé Supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Clé Supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65BCD620-07DD-012F-819F-073CF1B8F7C6}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}
Clé Supprimée : HKCU\Software\1ClickDownload
Clé Supprimée : HKCU\Software\InstallCore
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\AppDataLow\Software\Crossrider
Clé Supprimée : HKLM\Software\Babylon

***** [ Navigateurs ] *****

-\\ Internet Explorer v10.0.9200.16660


-\\ Mozilla Firefox v23.0.1 (fr)

[ Fichier : C:\Users\yohann\AppData\Roaming\Mozilla\Firefox\Profiles\1s2piaxf.Go2-Gr2\prefs.js ]


[ Fichier : C:\Users\yohann\AppData\Roaming\Mozilla\Firefox\Profiles\1u1lzf05.Go2-Gr3\prefs.js ]


[ Fichier : C:\Users\yohann\AppData\Roaming\Mozilla\Firefox\Profiles\4n0r3d6v.Go2-2\prefs.js ]


[ Fichier : C:\Users\yohann\AppData\Roaming\Mozilla\Firefox\Profiles\54esynjg.Julien\prefs.js ]


[ Fichier : C:\Users\yohann\AppData\Roaming\Mozilla\Firefox\Profiles\7wfkqo5y.default\prefs.js ]

Ligne Supprimée : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Ligne Supprimée : user_pref("browser.search.defaultengine", "Ask.com");
Ligne Supprimée : user_pref("browser.search.defaultenginename", "Ask.com");
Ligne Supprimée : user_pref("browser.search.order.1", "Ask.com");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.babExt", "");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110818");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.hardId", "242053690000000000004061868fc9b9");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.id", "242053690000000000004061868fc9b9");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.instlDay", "15434");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.newTab", true);
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=110818&babsrc=NT_ss&mntrId=242053690000000000004061868fc9b9");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1715:49:59");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Ligne Supprimée : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.babylon.com/?affID=110818&babsrc=KW_ss&mntrId=242053690000000000004061868fc9b9&q=");
Ligne Supprimée : user_pref("extensions.crossrider.bic", "1367d9ef40c91ae6368548dd816d00c0");
Ligne Supprimée : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=3B8E900F-0C47-43BD-B534-7495472AAA6C&apn_ptnrs=&apn_sauid=B3579399-6631-4EBC-ABEA-97AC12313001&ap[...]

[ Fichier : C:\Users\yohann\AppData\Roaming\Mozilla\Firefox\Profiles\9ct7lyzh.Go2-Chloé\prefs.js ]


[ Fichier : C:\Users\yohann\AppData\Roaming\Mozilla\Firefox\Profiles\aq89spv9.Go2-Gr4\prefs.js ]


[ Fichier : C:\Users\yohann\AppData\Roaming\Mozilla\Firefox\Profiles\ggo0ufyr.Reroll-dijo\prefs.js ]


[ Fichier : C:\Users\yohann\AppData\Roaming\Mozilla\Firefox\Profiles\kkaefm6k.Kivige\prefs.js ]


[ Fichier : C:\Users\yohann\AppData\Roaming\Mozilla\Firefox\Profiles\o6vsmpok.Go2-Gr1\prefs.js ]


[ Fichier : C:\Users\yohann\AppData\Roaming\Mozilla\Firefox\Profiles\xgdontd1.Go2-Choulee\prefs.js ]


*************************

AdwCleaner[R0].txt - [7552 octets] - [28/08/2013 11:54:26]
AdwCleaner[S0].txt - [7579 octets] - [28/08/2013 11:55:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7639 octets] ##########




2nd report, from JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.4 (08.22.2013:1)
OS: Windows 7 Home Premium x86
Ran by yohann on 28/08/2013 at 12:06:26,69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9FF80864-D2BC-4F83-BE76-D78FBBC5EA0C}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{64A93172-74FC-44F5-BBC2-32706438DC6E}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{671A2365-1C1A-461F-AD5A-D14A87840A9D}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{6750A2E2-427B-42DF-BBE3-B2945713293D}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{67EE3D9B-3DCE-49B6-B549-0D4858340C42}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{690B8F72-4C2D-442C-B9A0-B7B13AE9A340}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{6A512733-9908-47C5-A350-D713BCEB0250}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{6B47E1AD-56B2-4195-BCBD-B9C6CD9D4542}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{6C1C7EF9-9C2D-4210-88F8-F926565B1260}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{6EBACB11-005D-44B3-BED7-91A87BA19F36}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{6FA0104C-3F45-4F60-A767-715751BEBDAF}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{70EC08B2-5EBB-4A1C-B850-C17D38FF33AA}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{76B095CD-F7F0-45B4-9788-E661DEAF1D34}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{7752E499-9A9C-480C-B340-8E9607C483FA}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{780E5F71-4A2C-4770-804F-DFFC06DFBE95}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{790B2756-4F26-4317-AC41-5F9E47459FD3}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{79402BF2-9FAE-4DAB-BA69-4D3AFD45FB3E}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{7A60AC15-6E06-47B1-8594-AA079649AD1F}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{7A98E093-ECDE-4C52-A232-4E0E3174E304}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{7B574685-F161-41CF-8E51-6446D2DA1592}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{7D62AF7F-9D27-4757-B3F3-CA44E7129830}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{7D7AEDA9-8245-4052-8FAE-FB6F1178F68C}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{7E37451F-0BDC-4571-9C11-87F629E3F123}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{7E37602E-AE5A-484D-844F-A1B3D2D8912F}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{8151590F-3C9E-4766-8845-B1816E0B04BB}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{83218E4B-85B2-425B-8D6D-DFEE72FC1CF6}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{84095F08-268A-420A-AD37-B3E9D6CBDDAF}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{85EBC4D5-05B4-4EFB-991F-E529903F8A40}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{86499B26-7F8E-45B9-9808-93BD99D1CAE8}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{868A8231-FCA7-45B1-BAE8-38C2F179CB76}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{8951D35F-477C-4CF1-87E6-968689FEA46F}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{8C108AC2-30F7-4871-9789-F7B26EF284E5}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{8C9B2B52-F31F-4AE7-8E1C-D3DA9B0A9B45}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{8EF8C05B-97D7-4238-A046-3025BB82BDC6}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{914D2661-FA15-422C-8F37-FC3B3D945626}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{91CA3F52-9BCE-4BA3-8924-89CDDA3F5CD8}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{93B603AA-E11B-4BBC-A4B0-9DA8C5197D3A}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{965C589F-9435-4430-9CE5-859CED9C11D4}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{96B67CB5-85DA-47CE-AD5B-6C9A3AE684B9}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{96DA2F5B-13EA-4133-BF7C-04C59DF09C6E}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{9A5F1DF8-119C-44C5-B55D-70F6B40F8794}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{9DD32759-78C9-4A18-B8B3-850545CB829A}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{9EBB0F9F-0AAC-4649-8DD9-83CD87B3114F}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{A2201028-0387-4D9D-98AF-83F58FB033C9}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{A266C5A9-F68E-4347-A0D9-E7B61E03D357}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{A2ACC89E-B742-42BD-AD5E-03F14ACE028E}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{A2C59421-63EA-42AD-8F65-73B56C903D17}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{A30631E7-1762-44EC-AC26-637E03E7B52F}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{A48CFD67-EADF-45F4-BA52-BF6D32196BE6}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{A6703C0D-C665-4928-AEB4-0EA5D3623E86}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{A72C320E-20C7-4E82-8A75-F5C7602D6FED}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{AA580934-C681-4F98-B23B-C9D8942C914D}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{AA7464B2-EF34-47CF-AAE2-99E22B3448B8}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{AB5CB937-8EC2-49A3-99A7-A184298FF82F}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{ACA50C33-8B18-4497-8DB6-3CBC167500CE}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{ACA741CE-922C-4CAC-96F0-7C4BDA2DEDEB}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{AF092EF8-0B2F-4A43-9507-215CE58027D6}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{AF60D47B-4808-4D29-9952-EC181BE515AB}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{B28F02DB-93C6-4E9C-B75B-F9FD413008B3}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{B4AA1AF1-3981-432D-A75A-262DCE1B4ABE}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{B6B583D8-9AFD-4A3A-B171-60A16E0AC5CA}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{B6DF1834-2418-4C21-B379-BEAAE8E8CD0F}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{B87EDA29-8C11-41EB-87CF-FD9019DA160E}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{B8CB0D88-C2FF-40FE-B4C8-B04E63682EFC}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{B8E3A221-6831-4711-AAE1-C45434956454}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{B921B873-CA56-4DEB-A791-8947508DF652}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{B9A99FFA-C8D4-43B4-B9B1-5D7159D7D3B5}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{BA0DCA16-EF97-4C23-8EBE-1ECE2E626834}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{BB35F7C3-C5CB-4CA1-90C3-70E28991F6B6}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{BC85585E-8902-4738-AB27-E5D76AF015BD}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{BCA15829-50DD-40CC-9400-34DEB7F043DF}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{C27346B8-73D1-4716-BCBB-EF94A689503D}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{C361C18F-83C5-4132-A78D-216B6003DA6F}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{C38FBB23-3A56-4BF3-AE1D-8D669EDCD16C}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{C429988B-F28E-4401-9105-C3FBBD1661E0}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{C51FA38A-3940-4A39-ABE7-AD74B22C05F5}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{C70F3E32-2854-42C6-91C2-5E880EF60BE5}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{C7E5320A-EE1F-4A39-87BD-8A27BE0903E4}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{C8FE9635-5D67-4BD4-B9AC-A5D3FED6AD2C}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{C9F731FE-03DA-47A7-A6B5-0F6C042A7EA2}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{CA1A8F1A-EB9A-4619-AC32-B6D7388010FF}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{CB386B46-EC85-4A0E-B55D-761FD742266C}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{CD693232-BE62-444E-953C-64050EAC7A0B}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{CF0159DF-5A0A-48AA-9D09-D6B9D1FF6D0B}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{D0A92CD6-389A-4AD3-BAFB-15FBE65F0271}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{D0E94C79-880C-48BF-95C7-1593A1EE79B7}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{D1946349-325D-4C52-9A38-27A52E0641B0}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{D44DC8D1-0075-4325-8571-60F252D5FDF4}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{D4A9FB55-4D23-41A3-BCA3-BF67A78CE3D4}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{D67E88AE-CE71-4B53-A47E-585DA9E61233}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{D6A28BFE-E8A8-4507-A275-69666892EA26}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{D6CAEE80-35E5-4C6A-935D-83E3B1FA4DCC}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{D74FD6BC-407E-48F2-8E3E-403F765DAD42}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{D7E5D13A-CA41-4C9F-B0EC-76F05BF020D1}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{DA3699A8-0651-427E-858A-CB40ECC79194}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{DBD7B17C-5DC0-4BB0-9036-1D669CDA2A4E}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{DC15BA26-4DF9-4971-A331-BFC4593615D8}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{E08B6593-5228-4213-BD74-6E54CF5E69D0}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{E18D07FB-90CE-4B99-9D6D-5FEF7D8A4D13}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{E3F43CD5-8C00-48F1-AE32-DC0093BA89F1}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{E4E91BAB-2384-4EA2-A269-E50453CBFC41}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{E593F319-0167-481E-81A1-73B323E54126}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{E5EAFD82-E156-409C-A01B-50F51AF58383}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{E605ABBA-F4A6-4D18-9BBD-9BBF4579E734}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{E64A5CB5-5A20-4E94-BBC6-24E79F52E191}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{E7DB18B0-0FA5-4A31-9B79-9DC0732D9238}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{E885F776-03B5-4560-ADF7-3B9A72E561B2}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{E97D092E-40A7-4B6A-8B1E-39BED1122E2F}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{ED4DC5C7-74DD-467A-AFEF-D54747419C1C}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{EE16D636-B66A-4BD0-845F-E2ED0B25791D}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{EE8D50E2-C6E4-435A-A327-1B8A796254D2}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{EECCD779-767E-43F1-8B65-6CCE83A0C653}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{EEFABD54-764F-42FD-B4D0-D418CF22EA2D}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{EF11AEA7-3BA7-4168-BE6A-BCF3384FD292}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{F0E6A423-E547-4F3D-A3D8-A67055F4E657}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{F27D544E-EB2F-4CEC-945E-9DF24E45EEB6}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{F3E921AA-E85B-4160-97E1-E1267D3108C7}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{F424E045-50FB-4578-B18D-C63D71B5ACE1}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{F4F1CFCC-4B7A-4625-8ECB-8F7060CC280D}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{F4FD6875-5E72-449B-93BD-065B1F6BAB7C}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{F51D6C76-7F17-46EE-A225-59CAB59A46DA}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{F75BF43D-1865-4866-A3C8-7B991B9261DC}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{F7D87E6F-9044-4B9D-A1DD-87FD6826A908}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{F9586B4B-C3B5-4098-A295-F734DC802974}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{F9736631-33B4-43D8-A316-F840AC67EA58}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{FB103DC9-FCBA-4E1B-A6CC-9B763439A4B2}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{FBB39429-60B0-4D1F-ADA4-F9C2EEDDE2F0}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{FD826B84-C96F-43D3-9D6E-551D4B040520}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{FE2074DA-F7B2-4A23-9D1E-14EAB0E6E922}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{FE5BE8E0-C1DD-4F36-8CAC-2D7D4B9BD140}
Successfully deleted: [Empty Folder] C:\Users\yohann\appdata\local\{FFC13543-42A3-47C9-A08B-DB20330AA922}



~~~ FireFox

Emptied folder: C:\Users\yohann\AppData\Roaming\mozilla\firefox\profiles\7wfkqo5y.default\minidumps [630 files]
Emptied folder: C:\Users\yohann\AppData\Roaming\mozilla\firefox\profiles\4n0r3d6v.Go2-2\minidumps [79 files]
Emptied folder: C:\Users\yohann\AppData\Roaming\mozilla\firefox\profiles\xgdontd1.Go2-Choulee\minidumps [43 files]
Emptied folder: C:\Users\yohann\AppData\Roaming\mozilla\firefox\profiles\o6vsmpok.Go2-Gr1\minidumps [28 files]
Emptied folder: C:\Users\yohann\AppData\Roaming\mozilla\firefox\profiles\1s2piaxf.Go2-Gr2\minidumps [18 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28/08/2013 at 12:10:51,46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
0
ShadowLee Posts 53 Registration date Tuesday 27 August 2013 Status Member Last seen 1 September 2013
28 August 2013 at 12:42
I still have the "Windows Explorer has stopped working" problem

thanks for taking the time to help me
0
g3n-h@ckm@n Posts 13238 Registration date Thursday 31 January 2013 Status Member Last seen 24 February 2022 948
28 August 2013 at 17:08
by the way, why didn't you rename combofix as asked?
0
ShadowLee Posts 53 Registration date Tuesday 27 August 2013 Status Member Last seen 1 September 2013
29 August 2013 at 05:27
well, because I had just got home from work after a very full night and I wasn't exactly seeing straight, sorry, I'll redo it then
0
ShadowLee Posts 53 Registration date Tuesday 27 August 2013 Status Member Last seen 1 September 2013
29 August 2013 at 13:57
ComboFix 13-08-29.01 - yohann 29/08/2013 5:35.2.4 - x86
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.3031.1995 [GMT 2:00]
Lancé depuis: c:\users\yohann\Desktop\123.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2013-07-28 au 2013-08-29 ))))))))))))))))))))))))))))))))))))
.
.
2013-08-29 03:40 . 2013-08-29 03:40 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-08-29 03:40 . 2013-08-29 03:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-29 03:30 . 2013-08-29 03:30 -------- d-----w- C:\pourlesite
2013-08-29 03:28 . 2013-08-29 03:28 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{792DEFFC-7449-4685-AE97-496DB8FDC439}\MpKslcf3a1f0a.sys
2013-08-28 10:06 . 2013-08-28 10:06 -------- d-----w- c:\windows\ERUNT
2013-08-28 09:54 . 2013-08-28 09:55 -------- d-----w- C:\AdwCleaner
2013-08-28 09:35 . 2013-08-06 07:28 7166848 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{792DEFFC-7449-4685-AE97-496DB8FDC439}\mpengine.dll
2013-08-28 01:01 . 2013-08-06 07:28 7166848 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-08-28 00:57 . 2013-08-29 03:40 -------- d-----w- c:\users\yohann\AppData\Local\temp
2013-08-27 02:09 . 2013-08-27 02:11 -------- d-----w- c:\program files\ZHPDiag
2013-08-27 02:09 . 2013-08-27 02:11 -------- d-----w- C:\ZHP
2013-08-26 14:08 . 2013-08-27 02:24 -------- d-----w- c:\program files\ma-config.com
2013-08-26 14:08 . 2013-08-26 14:08 -------- d-----w- c:\programdata\ma-config.com
2013-08-26 03:35 . 2013-08-26 03:35 -------- d-----w- c:\users\yohann\AppData\Roaming\Malwarebytes
2013-08-26 03:34 . 2013-08-26 03:34 -------- d-----w- c:\programdata\Malwarebytes
2013-08-26 03:34 . 2013-08-26 15:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-08-22 12:32 . 2013-08-22 12:32 697992 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9C3B02CC-3E8C-4921-8408-7122EF3DBBCF}\gapaengine.dll
2013-08-18 14:02 . 2013-08-18 14:02 -------- d-----w- c:\programdata\Hi-Rez Studios
2013-08-13 22:22 . 2013-07-09 04:50 652800 ----a-w- c:\windows\system32\rpcrt4.dll
2013-08-13 22:22 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\system32\crypt32.dll
2013-08-13 22:22 . 2013-07-09 04:52 175104 ----a-w- c:\windows\system32\wintrust.dll
2013-08-13 22:22 . 2013-07-09 04:46 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-08-13 22:22 . 2013-07-09 04:46 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-08-13 22:22 . 2013-07-09 05:03 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-08-13 22:22 . 2013-07-09 05:03 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-13 22:22 . 2013-07-09 04:53 1289096 ----a-w- c:\windows\system32\ntdll.dll
2013-08-13 22:22 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-13 22:22 . 2013-07-06 05:05 1293760 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-08-13 22:22 . 2013-07-19 01:41 2048 ----a-w- c:\windows\system32\tzres.dll
2013-08-13 22:22 . 2013-06-15 03:38 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2013-08-10 20:40 . 2013-08-10 20:40 -------- d-----w- c:\users\yohann\AppData\Roaming\Unity
2013-08-10 20:38 . 2013-08-10 20:38 -------- d-----w- c:\users\yohann\AppData\Local\Unity
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-21 13:52 . 2012-04-21 19:10 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-21 13:52 . 2011-05-28 18:26 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-18 17:12 . 2011-08-21 22:33 698504 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-06-30 10:28 . 2013-06-30 10:28 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-30 10:28 . 2012-07-06 13:26 867240 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-06-30 10:28 . 2011-09-30 00:14 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-18 19:50 . 2013-06-18 19:50 211560 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-06-18 19:50 . 2010-10-24 19:25 107392 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-06-05 03:05 . 2013-07-09 18:20 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 04:53 . 2013-07-09 18:20 509440 ----a-w- c:\windows\system32\qedit.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\yohann\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-06-20 995176]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WiFi Station N.lnk - c:\program files\Hercules\WiFiStationN\WiFiN.exe -s [2012-6-16 128296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-06-21 162408]
R3 cpuz135;cpuz135;c:\users\yohann\AppData\Local\Temp\cpuz135\cpuz135_x32.sys [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 jgameenp;jgameenp;c:\users\yohann\AppData\Local\Temp\jgameenp.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 107392]
R3 NisSrv;Inspection du réseau Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2013-06-20 295376]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-05-11 4330168]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-28 1343400]
S1 MpKslcf3a1f0a;MpKslcf3a1f0a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{792DEFFC-7449-4685-AE97-496DB8FDC439}\MpKslcf3a1f0a.sys [2013-08-29 29904]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 HerculesWiFi;HerculesWiFi;c:\windows\system32\\HerculesWiFiService.exe [2010-11-17 53544]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;d:\program files\Hi-Rez Studios\HiPatchService.exe [2013-08-13 9216]
S2 MaConfigAgent;Ma-Config Agent;c:\program files\ma-config.com\MaConfigAgent.exe [2013-08-22 1783632]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]
S3 dc3d;Pilote de détection des périphériques Microsoft Hardware;c:\windows\system32\DRIVERS\dc3d.sys [2013-05-06 65200]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 603240]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - MPKSLCF3A1F0A
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contenu du dossier 'Tâches planifiées'
.
2013-08-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-21 13:52]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local>
Trusted Zone: ma-config.com
Trusted Zone: touslesdrivers.com
TCP: DhcpNameServer = 80.10.46.232 80.10.46.232
FF - ProfilePath - c:\users\yohann\AppData\Roaming\Mozilla\Firefox\Profiles\7wfkqo5y.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_8fa3539.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2013-08-29 05:42:27
ComboFix-quarantined-files.txt 2013-08-29 03:42
ComboFix2.txt 2013-08-28 00:59
.
Avant-CF: 79 918 047 232 octets libres
Après-CF: 79 866 372 096 octets libres
.
- - End Of File - - 304887C15BDABD0336D6B2E2C9C9B95B
A36C5E4F47E84449FF07ED3517B43A31
0
g3n-h@ckm@n Posts 13238 Registration date Thursday 31 January 2013 Status Member Last seen 24 February 2022 948
29 August 2013 at 14:41

__________________________________________________
=>/!\ The following script was written specifically for this computer /!\<=
=> using it on another computer is strongly discouraged! <=
----------------------------------------------------------------------------


Still with all protections disabled, do this:

▶ Open Notepad (Start menu --> Programs --> Accessories --> Notepad)
▶ Copy/paste into Notepad what is between the lines below (without the lines):

----------------------------------------------------------
KillAll::

ClearJavaCache::

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=-

Driver::
jgameenp

DDS::
uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local>

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

------------------------------------------------------------------

▶ Save this file on your Desktop (and nowhere else!) under the name CFScript.txt
▶ Close Notepad

▶ Drag and drop this CFScript file onto the combofix file as in this: illustration

▶ Wait while the scan runs. The Desktop will disappear several times: this is normal! Do not touch anything until the scan has finished.
▶ Once the scan is complete, a report will be displayed: post its contents.
▶ If the file does not open, it can be found here => C:\ComboFix.txt



0
ShadowLee Posts 53 Registration date Tuesday 27 August 2013 Status Member Last seen 1 September 2013
29 August 2013 at 15:49
hello,

ComboFix 13-08-29.01 - yohann 29/08/2013 15:36:37.3.4 - x86
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.3031.1996 [GMT 2:00]
Lancé depuis: c:\users\yohann\Desktop\123.exe
Commutateurs utilisés :: c:\users\yohann\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_JGAMEENP
-------\Service_jgameenp
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2013-07-28 au 2013-08-29 ))))))))))))))))))))))))))))))))))))
.
.
2013-08-29 13:42 . 2013-08-29 13:42 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-08-29 13:42 . 2013-08-29 13:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-29 12:40 . 2013-08-29 12:40 60872 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5E6CECF7-DFCB-4AE6-959F-F17112E3EE97}\offreg.dll
2013-08-29 12:40 . 2013-08-29 12:40 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5E6CECF7-DFCB-4AE6-959F-F17112E3EE97}\MpKsl4c28ab49.sys
2013-08-29 12:40 . 2013-08-06 07:28 7166848 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5E6CECF7-DFCB-4AE6-959F-F17112E3EE97}\mpengine.dll
2013-08-29 03:30 . 2013-08-29 03:30 -------- d-----w- C:\pourlesite
2013-08-28 10:06 . 2013-08-28 10:06 -------- d-----w- c:\windows\ERUNT
2013-08-28 09:54 . 2013-08-28 09:55 -------- d-----w- C:\AdwCleaner
2013-08-28 01:01 . 2013-08-06 07:28 7166848 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-08-28 00:57 . 2013-08-29 13:44 -------- d-----w- c:\users\yohann\AppData\Local\temp
2013-08-27 02:09 . 2013-08-27 02:11 -------- d-----w- c:\program files\ZHPDiag
2013-08-27 02:09 . 2013-08-27 02:11 -------- d-----w- C:\ZHP
2013-08-26 14:08 . 2013-08-27 02:24 -------- d-----w- c:\program files\ma-config.com
2013-08-26 14:08 . 2013-08-26 14:08 -------- d-----w- c:\programdata\ma-config.com
2013-08-26 03:35 . 2013-08-26 03:35 -------- d-----w- c:\users\yohann\AppData\Roaming\Malwarebytes
2013-08-26 03:34 . 2013-08-26 03:34 -------- d-----w- c:\programdata\Malwarebytes
2013-08-26 03:34 . 2013-08-26 15:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-08-22 12:32 . 2013-08-22 12:32 697992 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9C3B02CC-3E8C-4921-8408-7122EF3DBBCF}\gapaengine.dll
2013-08-18 14:02 . 2013-08-18 14:02 -------- d-----w- c:\programdata\Hi-Rez Studios
2013-08-13 22:22 . 2013-07-09 04:50 652800 ----a-w- c:\windows\system32\rpcrt4.dll
2013-08-13 22:22 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\system32\crypt32.dll
2013-08-13 22:22 . 2013-07-09 04:52 175104 ----a-w- c:\windows\system32\wintrust.dll
2013-08-13 22:22 . 2013-07-09 04:46 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-08-13 22:22 . 2013-07-09 04:46 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-08-13 22:22 . 2013-07-09 05:03 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-08-13 22:22 . 2013-07-09 05:03 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-13 22:22 . 2013-07-09 04:53 1289096 ----a-w- c:\windows\system32\ntdll.dll
2013-08-13 22:22 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-13 22:22 . 2013-07-06 05:05 1293760 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-08-13 22:22 . 2013-07-19 01:41 2048 ----a-w- c:\windows\system32\tzres.dll
2013-08-13 22:22 . 2013-06-15 03:38 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2013-08-10 20:40 . 2013-08-10 20:40 -------- d-----w- c:\users\yohann\AppData\Roaming\Unity
2013-08-10 20:38 . 2013-08-10 20:38 -------- d-----w- c:\users\yohann\AppData\Local\Unity
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-21 13:52 . 2012-04-21 19:10 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-21 13:52 . 2011-05-28 18:26 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-18 17:12 . 2011-08-21 22:33 698504 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-06-30 10:28 . 2013-06-30 10:28 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-30 10:28 . 2012-07-06 13:26 867240 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-06-30 10:28 . 2011-09-30 00:14 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-18 19:50 . 2013-06-18 19:50 211560 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-06-18 19:50 . 2010-10-24 19:25 107392 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-06-05 03:05 . 2013-07-09 18:20 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 04:53 . 2013-07-09 18:20 509440 ----a-w- c:\windows\system32\qedit.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-06-20 995176]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WiFi Station N.lnk - c:\program files\Hercules\WiFiStationN\WiFiN.exe -s [2012-6-16 128296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-06-21 162408]
R3 cpuz135;cpuz135;c:\users\yohann\AppData\Local\Temp\cpuz135\cpuz135_x32.sys [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 107392]
R3 NisSrv;Inspection du réseau Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2013-06-20 295376]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-05-11 4330168]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-28 1343400]
S1 MpKsl4c28ab49;MpKsl4c28ab49;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5E6CECF7-DFCB-4AE6-959F-F17112E3EE97}\MpKsl4c28ab49.sys [2013-08-29 29904]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 HerculesWiFi;HerculesWiFi;c:\windows\system32\\HerculesWiFiService.exe [2010-11-17 53544]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;d:\program files\Hi-Rez Studios\HiPatchService.exe [2013-08-13 9216]
S2 MaConfigAgent;Ma-Config Agent;c:\program files\ma-config.com\MaConfigAgent.exe [2013-08-22 1783632]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]
S3 dc3d;Pilote de détection des périphériques Microsoft Hardware;c:\windows\system32\DRIVERS\dc3d.sys [2013-05-06 65200]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 603240]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contenu du dossier 'Tâches planifiées'
.
2013-08-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-21 13:52]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
Trusted Zone: ma-config.com
Trusted Zone: touslesdrivers.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\yohann\AppData\Roaming\Mozilla\Firefox\Profiles\7wfkqo5y.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_8fa3539.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\HerculesWiFiService.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\taskhost.exe
c:\program files\Microsoft Mouse and Keyboard Center\itype.exe
c:\program files\Microsoft Mouse and Keyboard Center\ipoint.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\program files\Hercules\WiFiStationN\WiFiN.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Heure de fin: 2013-08-29 15:48:08 - La machine a redémarré
ComboFix-quarantined-files.txt 2013-08-29 13:48
ComboFix2.txt 2013-08-29 03:42
ComboFix3.txt 2013-08-28 00:59
.
Avant-CF: 79 944 228 864 octets libres
Après-CF: 79 749 881 856 octets libres
.
- - End Of File - - BE370B7B6D4957C6533D6217B82D6ABD
A36C5E4F47E84449FF07ED3517B43A31
0
g3n-h@ckm@n Posts 13238 Registration date Thursday 31 January 2013 Status Member Last activity 24 February 2022 948
29 August 2013 at 19:09
Hmmm........ still having the problems?
0
ShadowLee Posts 53 Registration date Tuesday 27 August 2013 Status Member Last activity 1 September 2013
30 August 2013 at 02:44
Yes, still, unfortunately. Sorry for the late reply, night shift :/
0
g3n-h@ckm@n Posts 13238 Registration date Thursday 31 January 2013 Status Member Last activity 24 February 2022 948
30 August 2013 at 07:54
Hi again

Windows key + R

type:

chkdsk /f /r c:

accept the scan at restart and reboot
0
ShadowLee Posts 53 Registration date Tuesday 27 August 2013 Status Member Last activity 1 September 2013
30 August 2013 at 12:53
Hi,

I did it but nothing happens; I restarted and there was no scan,

maybe because I don't have an antivirus? And this action involves the antivirus?
0
g3n-h@ckm@n Posts 13238 Registration date Thursday 31 January 2013 Status Member Last activity 24 February 2022 948
30 August 2013 at 13:37
No

Start/Programs/Accessories, right-click "Command Prompt" => Run as administrator

in the black window type: chkdsk /f /r C:

then Enter

Doesn't it tell you that it's not possible because the volume is in use now?
0
ShadowLee Posts 53 Registration date Tuesday 27 August 2013 Status Member Last activity 1 September 2013
30 August 2013 at 13:41
That's right, yes. I entered O, I'm restarting and I'll let you know. Thanks for taking the time.
0
g3n-h@ckm@n Posts 13238 Registration date Thursday 31 January 2013 Status Member Last activity 24 February 2022 948
30 August 2013 at 14:10
No problem :)
0