  • FranckyDad
    Number of posts: 0

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-11-2013
    Ran by FrancoisTOSH (administrator) on FRANCOISTOSH-PC on 10-11-2013 14:29:24
    Running from C:UsersFrancoisTOSHDownloads
    Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X86) OS Language: French Standard
    Internet Explorer Version 10
    Boot Mode: Normal

    ==================== Processes (Whitelisted) ===================

    (NVIDIA Corporation) C:Windowssystem32nvvsvc.exe
    (Microsoft Corporation) c:Program FilesMicrosoft Security ClientMsMpEng.exe
    (LSI Corporation) C:Program FilesLSI SoftModemagrsmsvc.exe
    (Apple Inc.) C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe
    (Apple Inc.) C:Program FilesBonjourmDNSResponder.exe
    (TOSHIBA Corporation) C:Program FilesTOSHIBAPower SaverTosCoSrv.exe
    (Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE
    (Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe
    (Realtek Semiconductor) C:Program FilesRealtekAudioHDARtHDVCpl.exe
    (TOSHIBA Corporation) C:Program FilesTOSHIBAPower SaverTPwrMain.exe
    (TOSHIBA Corporation) C:Program FilesTOSHIBASmoothViewSmoothView.exe
    (TOSHIBA Corporation) C:Program FilesTOSHIBAFlashCardsTCrdMain.exe
    (Chicony) C:Program FilesCamera Assistant Software for Toshibatraybar.exe
    (Guillemot Corporation S.A.) C:Program FilesHerculesDeluxe Optical GlassXtrCtrl.exe
    (Microsoft Corporation) c:Program FilesMicrosoft Security ClientNisSrv.exe
    (Synaptics, Inc.) C:Program FilesSynapticsSynTPSynTPEnh.exe
    (Microsoft Corporation) C:Program FilesMicrosoft Security Clientmsseces.exe
    (Apple Inc.) C:Program FilesiTunesiTunesHelper.exe
    (Glarysoft Ltd) C:Program FilesGlary Utilities 3Integrator.exe
    (Skype Technologies S.A.) C:Program FilesSkypePhoneSkype.exe
    (Synaptics, Inc.) C:Program FilesSynapticsSynTPSynToshiba.exe
    (Synaptics, Inc.) C:Program FilesSynapticsSynTPSynTPHelper.exe
    (Apple Inc.) C:Program FilesiPodbiniPodService.exe
    (TOSHIBA CORPORATION) C:Program FilesTOSHIBAConfigFreeNDSTray.exe
    (TOSHIBA CORPORATION) C:Program FilesTOSHIBAConfigFreeCFSwMgr.exe
    (Apple Inc.) C:Program FilesSafariSafari.exe
    (Apple Inc.) C:Program FilesSafariApple Application SupportWebKit2WebProcess.exe
    (TOSHIBA CORPORATION) C:Program FilesTOSHIBAConfigFreeCFIWmxSvcs.exe
    (TOSHIBA CORPORATION) C:Program FilesTOSHIBAConfigFreeCFSvcs.exe

    ==================== Registry (Whitelisted) ==================

    HKLM…Run: [NvCplDaemon] – RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup
    HKLM…Run: [NvMediaCenter] – RUNDLL32.EXE C:Windowssystem32NvMcTray.dll,NvTaskbarInit
    HKLM…Run: [RtHDVCpl] – C:Program FilesRealtekAudioHDARtHDVCpl.exe [7625248 2009-07-28] (Realtek Semiconductor)
    HKLM…Run: [TPwrMain] – C:Program FilesTOSHIBAPower SaverTPwrMain.exe [480608 2009-11-05] (TOSHIBA Corporation)
    HKLM…Run: [HSON] – C:Program FilesTOSHIBATBSHSON.exe [55160 2009-03-09] (TOSHIBA Corporation)
    HKLM…Run: [SmoothView] – C:Program FilesTOSHIBASmoothViewSmoothView.exe [521528 2009-08-13] (TOSHIBA Corporation)
    HKLM…Run: [00TCrdMain] – C:Program FilesTOSHIBAFlashCardsTCrdMain.exe [738616 2009-11-10] (TOSHIBA Corporation)
    HKLM…Run: [Camera Assistant Software] – C:Program FilesCamera Assistant Software for Toshibatraybar.exe [417792 2009-04-10] (Chicony)
    HKLM…Run: [Adobe ARM] – C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
    HKLM…Run: [CamserviceOG] – C:Program FilesHerculesDeluxe Optical GlassXtrCtrl.exe [2913576 2010-05-26] (Guillemot Corporation S.A.)
    HKLM…Run: [SynTPEnh] – C:Program FilesSynapticsSynTPSynTPEnh.exe [1316136 2008-06-20] (Synaptics, Inc.)
    HKLM…Run: [MSC] – C:Program FilesMicrosoft Security Clientmsseces.exe [995176 2013-08-12] (Microsoft Corporation)
    HKLM…Run: [APSDaemon] – C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe [59720 2013-04-21] (Apple Inc.)
    HKLM…Run: [QuickTime Task] – C:Program FilesQuickTimeQTTask.exe [421888 2013-05-01] (Apple Inc.)
    HKLM…Run: [iTunesHelper] – C:Program FilesiTunesiTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
    HKCU…Run: [EPSON SX218 Series] – C:Windowssystem32spoolDRIVERSW32X863E_FATIGDE.EXE /FU "C:WindowsTEMPE_S9D9A.tmp" /EF "HKCU"
    HKCU…Run: [Skype] – C:Program FilesSkypePhoneSkype.exe [20551328 2013-10-21] (Skype Technologies S.A.)
    BootExecute: autocheck autochk * BootDefrag.exe

    ==================== Internet (Whitelisted) ====================

    HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://aartemis.com/?type=hp&ts=1384083631&from=tugs&uid=TOSHIBAXTHNSNS120GBSP_62TS104LT3VY
    HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
    HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page Redirect Cache AcceptLangs = fr
    HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://aartemis.com/?type=hp&ts=1384083631&from=tugs&uid=TOSHIBAXTHNSNS120GBSP_62TS104LT3VY
    HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1384083631&from=tugs&uid=TOSHIBAXTHNSNS120GBSP_62TS104LT3VY&q={searchTerms}
    HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://aartemis.com/?type=hp&ts=1384083631&from=tugs&uid=TOSHIBAXTHNSNS120GBSP_62TS104LT3VY
    HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://aartemis.com/?type=hp&ts=1384083631&from=tugs&uid=TOSHIBAXTHNSNS120GBSP_62TS104LT3VY
    HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.aartemis.com/web/?type=ds&ts=1384083631&from=tugs&uid=TOSHIBAXTHNSNS120GBSP_62TS104LT3VY&q={searchTerms}
    StartMenuInternet: IEXPLORE.EXE – C:Program FilesInternet Exploreriexplore.exe http://aartemis.com/?type=sc&ts=1384083631&from=tugs&uid=TOSHIBAXTHNSNS120GBSP_62TS104LT3VY
    SearchScopes: HKLM – DefaultScope value is missing.
    SearchScopes: HKCU – {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: Windows Live ID Sign-in Helper – {9030D464-4C02-4ABF-8ECC-5164760863C6} – C:Program FilesCommon Filesmicrosoft sharedWindows LiveWindowsLiveLogin.dll (Microsoft Corp.)
    Handler: skype4com – {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} – C:Program FilesCommon FilesSkypeSkype4COM.dll (Skype Technologies)
    Winsock: Catalog5 09 C:Program FilesBonjourmdnsNSP.dll [121704] (Apple Inc.)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    TcpipParameters: [DhcpNameServer] 192.168.1.254

    FireFox:
    ========
    FF ProfilePath: C:UsersFrancoisTOSHAppDataRoamingMozillaFirefoxProfilesezs1fwx4.default-1382292847194
    FF NewTab: hxxp://aartemis.com/newtab/?type=nt&ts=1384083631&from=tugs&uid=TOSHIBAXTHNSNS120GBSP_62TS104LT3VY
    FF DefaultSearchEngine: aartemis
    FF SelectedSearchEngine: aartemis
    FF Homepage: hxxp://aartemis.com/?type=hp&ts=1384083631&from=tugs&uid=TOSHIBAXTHNSNS120GBSP_62TS104LT3VY
    FF Plugin: @adobe.com/FlashPlayer – C:Windowssystem32MacromedFlashNPSWF32_11_9_900_117.dll ()
    FF Plugin: @Apple.com/iTunes,version=1.0 – C:Program FilesiTunesMozilla Pluginsnpitunes.dll ()
    FF Plugin: @microsoft.com/GENUINE – disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 – c:Program FilesMicrosoft Silverlight5.1.20913.0npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 – C:Program FilesWindows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 – C:Program FilesWindows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 – C:Program FilesGoogleUpdate1.3.21.145npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 – C:Program FilesGoogleUpdate1.3.21.145npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @videolan.org/vlc,version=2.0.8 – C:Program FilesVideoLANVLCnpvlc.dll (VideoLAN)
    FF Plugin: Adobe Reader – C:Program FilesAdobeReader 11.0ReaderAIRnppdf32.dll (Adobe Systems Inc.)
    FF SearchPlugin: C:Program Filesmozilla firefoxsearchpluginsaartemis.xml
    FF SearchPlugin: C:Program Filesmozilla firefoxbrowsersearchpluginsamazon-france.xml
    FF SearchPlugin: C:Program Filesmozilla firefoxbrowsersearchpluginscnrtl-tlfi-fr.xml
    FF SearchPlugin: C:Program Filesmozilla firefoxbrowsersearchpluginseBay-france.xml
    FF SearchPlugin: C:Program Filesmozilla firefoxbrowsersearchpluginsyahoo-france.xml
    FF StartMenuInternet: FIREFOX.EXE – C:Program FilesMozilla Firefoxfirefox.exe http://aartemis.com/?type=sc&ts=1384083631&from=tugs&uid=TOSHIBAXTHNSNS120GBSP_62TS104LT3VY

    ========================== Services (Whitelisted) =================

    R2 AgereModemAudio; C:Program FilesLSI SoftModemagrsmsvc.exe [14336 2009-03-27] (LSI Corporation)
    R2 cfWiMAXService; C:Program FilesTOSHIBAConfigFreeCFIWmxSvcs.exe [185712 2009-08-10] (TOSHIBA CORPORATION)
    R2 ConfigFree Service; C:Program FilesTOSHIBAConfigFreeCFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)
    R2 MsMpSvc; c:Program FilesMicrosoft Security ClientMsMpEng.exe [22208 2013-08-12] (Microsoft Corporation)
    R3 NisSrv; c:Program FilesMicrosoft Security ClientNisSrv.exe [295376 2013-08-12] (Microsoft Corporation)

    ==================== Drivers (Whitelisted) ====================

    R0 BootDefragDriver; C:WindowsSystem32driversBootDefragDriver.sys [14080 2013-10-24] ()
    R3 hxctlflt; C:WindowsSystem32DRIVERShxctlflt.sys [99968 2009-02-09] (Guillemot Corporation)
    R0 MpFilter; C:WindowsSystem32DRIVERSMpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
    R3 ProcObsrv; C:Program FilesGlary Utilities 3ProcObsrv.sys [11552 2013-10-28] (Glarysoft Ltd)
    S3 RTL8192cu; C:WindowsSystem32DRIVERSRTL8192cu.sys [629760 2010-08-10] (Realtek Semiconductor Corporation )
    R3 SNPSTD3; C:WindowsSystem32DRIVERSsnpstd3.sys [10371072 2007-07-17] (Sonix Co. Ltd.)
    R3 UVCFTR; C:WindowsSystem32DriversUVCFTR_S.SYS [17960 2009-04-10] (Chicony Electronics Co., Ltd.)

    ==================== NetSvcs (Whitelisted) ===================

    ==================== One Month Created Files and Folders ========

    2013-11-10 14:29 – 2013-11-10 14:29 – 00000000 ____D C:FRST
    2013-11-10 14:28 – 2013-11-10 14:28 – 01089447 _____ (Farbar) C:UsersFrancoisTOSHDownloadsFRST.exe
    2013-11-10 14:14 – 2013-11-10 14:14 – 00001776 _____ C:WindowsPFRO.log
    2013-11-10 14:02 – 2013-11-10 14:02 – 00001764 _____ C:UsersPublicDesktopiTunes.lnk
    2013-11-10 14:02 – 2013-11-10 14:02 – 00000000 ____D C:Program FilesiPod
    2013-11-10 14:01 – 2013-11-10 14:02 – 00000000 ____D C:ProgramData188F1432-103A-4ffb-80F1-36B633C5C9E1
    2013-11-10 14:01 – 2013-11-10 14:02 – 00000000 ____D C:Program FilesiTunes
    2013-11-10 12:42 – 2013-11-10 13:11 – 208615285 _____ C:UsersFrancoisTOSHDownloadsLTF.DF.avi.part
    2013-11-10 12:42 – 2013-11-10 12:42 – 00000000 _____ C:UsersFrancoisTOSHDownloadsLTF.DF.avi
    2013-11-07 07:40 – 2013-11-10 14:24 – 00000784 _____ C:Windowssetupact.log
    2013-11-07 07:40 – 2013-11-07 07:40 – 00000000 _____ C:Windowssetuperr.log
    2013-11-06 19:23 – 2013-11-06 19:24 – 04379048 _____ (Piriform Ltd) C:UsersFrancoisTOSHDownloadsccsetup407.exe
    2013-10-31 17:26 – 2013-10-31 17:27 – 00000000 ____D C:Program FilesMozilla Firefox
    2013-10-29 17:39 – 2013-10-29 17:39 – 13763848 _____ C:UsersFrancoisTOSHDownloadsgu3setup.exe
    2013-10-26 11:26 – 2013-10-30 12:35 – 00000000 ____D C:UsersFrancoisTOSHDocumentsPièces identité
    2013-10-25 16:21 – 2013-10-25 16:21 – 00000000 ____D C:UsersFrancoisTOSHDocumentsDécathlon
    2013-10-20 19:39 – 2013-10-20 19:39 – 00040740 _____ C:UsersFrancoisTOSHDocumentscc_20131020_203906.reg
    2013-10-20 19:30 – 2013-11-10 14:23 – 00000000 ____D C:AdwCleaner
    2013-10-20 19:29 – 2013-11-10 14:19 – 01073262 _____ C:UsersFrancoisTOSHDownloadsadwcleaner.exe
    2013-10-18 08:11 – 2013-10-24 03:30 – 00014080 _____ () C:Windowssystem32DriversBootDefragDriver.sys
    2013-10-18 08:09 – 2013-10-18 08:09 – 00102548 ____H C:Windowssystem32mlfcache.dat
    2013-10-17 12:17 – 2013-11-07 21:54 – 00000000 ____D C:UsersFrancoisTOSHDocumentsMédical & Sanitaire

    ==================== One Month Modified Files and Folders =======

    2013-11-10 14:29 – 2013-11-10 14:29 – 00000000 ____D C:FRST
    2013-11-10 14:28 – 2013-11-10 14:28 – 01089447 _____ (Farbar) C:UsersFrancoisTOSHDownloadsFRST.exe
    2013-11-10 14:28 – 2010-11-20 22:01 – 01661710 _____ C:Windowssystem32PerfStringBackup.INI
    2013-11-10 14:27 – 2013-06-11 14:23 – 00000000 ____D C:UsersFrancoisTOSHAppDataRoamingSkype
    2013-11-10 14:27 – 2013-06-11 09:58 – 01644326 _____ C:WindowsWindowsUpdate.log
    2013-11-10 14:25 – 2013-09-01 17:02 – 00001002 _____ C:WindowsTasksAdobe Flash Player Updater.job
    2013-11-10 14:25 – 2013-08-14 21:42 – 00000334 _____ C:WindowsTasksGlaryInitialize 3.job
    2013-11-10 14:24 – 2013-11-07 07:40 – 00000784 _____ C:Windowssetupact.log
    2013-11-10 14:24 – 2013-08-14 21:42 – 00000000 ____D C:Program FilesGlary Utilities 3
    2013-11-10 14:24 – 2013-06-26 10:09 – 00000326 _____ C:WindowsTasksGlaryInitialize.job
    2013-11-10 14:24 – 2013-06-24 11:52 – 00001064 _____ C:WindowsTasksGoogleUpdateTaskMachineCore.job
    2013-11-10 14:24 – 2009-07-14 05:53 – 00000006 ____H C:WindowsTasksSA.DAT
    2013-11-10 14:23 – 2013-10-20 19:30 – 00000000 ____D C:AdwCleaner
    2013-11-10 14:22 – 2009-07-14 05:34 – 00022064 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-11-10 14:22 – 2009-07-14 05:34 – 00022064 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-11-10 14:19 – 2013-10-20 19:29 – 01073262 _____ C:UsersFrancoisTOSHDownloadsadwcleaner.exe
    2013-11-10 14:14 – 2013-11-10 14:14 – 00001776 _____ C:WindowsPFRO.log
    2013-11-10 14:14 – 2009-07-14 03:37 – 00000000 ____D C:WindowsGlobalization
    2013-11-10 14:02 – 2013-11-10 14:02 – 00001764 _____ C:UsersPublicDesktopiTunes.lnk
    2013-11-10 14:02 – 2013-11-10 14:02 – 00000000 ____D C:Program FilesiPod
    2013-11-10 14:02 – 2013-11-10 14:01 – 00000000 ____D C:ProgramData188F1432-103A-4ffb-80F1-36B633C5C9E1
    2013-11-10 14:02 – 2013-11-10 14:01 – 00000000 ____D C:Program FilesiTunes
    2013-11-10 14:01 – 2013-09-11 18:13 – 00000000 ____D C:Program FilesCommon FilesApple
    2013-11-10 13:57 – 2013-06-24 11:52 – 00001068 _____ C:WindowsTasksGoogleUpdateTaskMachineUA.job
    2013-11-10 13:11 – 2013-11-10 12:42 – 208615285 _____ C:UsersFrancoisTOSHDownloadsLTF.DF.avi.part
    2013-11-10 12:42 – 2013-11-10 12:42 – 00000000 _____ C:UsersFrancoisTOSHDownloadsLTF.DF.avi
    2013-11-10 12:40 – 2013-09-01 16:57 – 00001206 _____ C:UsersPublicDesktopMozilla Firefox.lnk
    2013-11-10 12:40 – 2013-06-17 13:47 – 00001339 _____ C:UsersFrancoisTOSHDesktopInternet Explorer.lnk
    2013-11-10 12:40 – 2013-06-11 09:59 – 00001369 _____ C:UsersFrancoisTOSHAppDataRoamingMicrosoftWindowsStart MenuProgramsInternet Explorer.lnk
    2013-11-07 21:55 – 2013-09-03 15:43 – 00000000 ____D C:UsersFrancoisTOSHDocumentsDélégué du PR Pau
    2013-11-07 21:54 – 2013-10-17 12:17 – 00000000 ____D C:UsersFrancoisTOSHDocumentsMédical & Sanitaire
    2013-11-07 21:53 – 2013-06-11 09:59 – 00000000 ____D C:UsersFrancoisTOSH
    2013-11-07 08:39 – 2013-06-11 14:22 – 00000000 ____D C:ProgramDataSkype
    2013-11-07 07:40 – 2013-11-07 07:40 – 00000000 _____ C:Windowssetuperr.log
    2013-11-06 19:24 – 2013-11-06 19:23 – 04379048 _____ (Piriform Ltd) C:UsersFrancoisTOSHDownloadsccsetup407.exe
    2013-11-06 19:24 – 2013-06-26 09:56 – 00000980 _____ C:UsersPublicDesktopCCleaner.lnk
    2013-11-06 19:24 – 2013-06-26 09:56 – 00000000 ____D C:Program FilesCCleaner
    2013-11-01 09:28 – 2013-09-01 16:57 – 00000000 ____D C:Program FilesMozilla Maintenance Service
    2013-10-31 17:27 – 2013-10-31 17:26 – 00000000 ____D C:Program FilesMozilla Firefox
    2013-10-30 12:35 – 2013-10-26 11:26 – 00000000 ____D C:UsersFrancoisTOSHDocumentsPièces identité
    2013-10-29 17:40 – 2013-08-14 21:42 – 00001053 _____ C:UsersPublicDesktopGlary Utilities 3.lnk
    2013-10-29 17:39 – 2013-10-29 17:39 – 13763848 _____ C:UsersFrancoisTOSHDownloadsgu3setup.exe
    2013-10-28 09:38 – 2013-08-14 21:42 – 00101664 _____ (Glarysoft Ltd) C:Windowssystem32BootDefrag.exe
    2013-10-26 11:52 – 2013-09-18 10:10 – 00000000 ____D C:UsersFrancoisTOSHAppDataRoamingVSO
    2013-10-25 16:21 – 2013-10-25 16:21 – 00000000 ____D C:UsersFrancoisTOSHDocumentsDécathlon
    2013-10-24 03:30 – 2013-10-18 08:11 – 00014080 _____ () C:Windowssystem32DriversBootDefragDriver.sys
    2013-10-23 06:53 – 2013-09-05 16:17 – 00000000 ____D C:UsersFrancoisTOSHDocumentsSXM Hugo & Morgane
    2013-10-20 19:39 – 2013-10-20 19:39 – 00040740 _____ C:UsersFrancoisTOSHDocumentscc_20131020_203906.reg
    2013-10-18 08:12 – 2013-06-11 10:49 – 00000000 ____D C:WindowsPanther
    2013-10-18 08:09 – 2013-10-18 08:09 – 00102548 ____H C:Windowssystem32mlfcache.dat
    2013-10-18 08:08 – 2013-06-11 14:23 – 00000000 ___RD C:Program FilesSkype
    2013-10-17 16:05 – 2013-06-12 14:07 – 00000000 ____D C:UsersFrancoisTOSHAppDataRoamingvlc
    2013-10-17 15:31 – 2009-07-14 03:37 – 00000000 ____D C:WindowsLiveKernelReports
    2013-10-15 13:33 – 2013-09-03 16:21 – 00000000 ____D C:UsersFrancoisTOSHDocumentsVol Air Caraïbes SXM
    2013-10-11 16:58 – 2013-09-11 14:55 – 00000000 ____D C:UsersFrancoisTOSHDocumentsRéserve GGD 64
    2013-10-11 15:22 – 2013-06-12 12:02 – 00000000 ____D C:UsersFrancoisTOSHAppDataRoamingEPSON
    2013-10-11 13:40 – 2009-07-14 03:37 – 00000000 ____D C:Windowsrescache
    2013-10-11 10:59 – 2013-09-11 18:14 – 00000000 ____D C:UsersFrancoisTOSHAppDataRoamingApple Computer

    Some content of TEMP:
    ====================
    C:UsersFrancoisTOSHAppDataLocalTempBackupSetup.exe
    C:UsersFrancoisTOSHAppDataLocalTempPlayer_Setup.exe
    C:UsersFrancoisTOSHAppDataLocalTempQuarantine.exe
    C:UsersFrancoisTOSHAppDataLocalTempSkypeSetup.exe
    C:UsersFrancoisTOSHAppDataLocalTempvcredist_x86.exe

    ==================== Bamital & volsnap Check =================

    C:Windowsexplorer.exe => MD5 is legit
    C:WindowsSystem32winlogon.exe => MD5 is legit
    C:WindowsSystem32wininit.exe => MD5 is legit
    C:WindowsSystem32svchost.exe => MD5 is legit
    C:WindowsSystem32services.exe => MD5 is legit
    C:WindowsSystem32User32.dll => MD5 is legit
    C:WindowsSystem32userinit.exe => MD5 is legit
    C:WindowsSystem32Driversvolsnap.sys => MD5 is legit

    LastRegBack: 2013-10-23 09:26

    ==================== End Of Log ============================

    g3n-h@ckm@n
    Moderator
    Number of posts: 8210

    Hello

    • Download AdwCleaner (by Xplode) to your Desktop!
    • Right-click it and choose Run as administrator on Windows 7/8 and Vista
      1. Choose the Scan option (Scanner)
      2. Choose the Clean option (Nettoyer)
      3. Accept the warning by clicking OK

      4. Accept the warnings/information messages by clicking OK
    FranckyDad
    Number of posts: 0

    Hello,

    Despite the advice given, AARTEMIS is still sticking to me like glue!!!! Malwarebytes and AdwCleaner didn't even hurt it.

    I'll gladly take any solution that helps bring about a divorce from AARTEMIS.
    Thanks in advance.

    g3n-h@ckm@n
    Moderator
    Number of posts: 8210

    re

    Sorry for the response time:

    I would still have liked to read the report

    Next:

    • Download Shortcut_Module (by g3n-h@ckm@n) to your desktop.
    • Launch Shortcut_Module; choose Run as administrator on Windows 7/8 and Vista

      Note: Wait while the scan runs

    • Copy and paste the contents of the report C:\Shortcut_Module_xx_xx_xx_xx_xx_xx.txt (the "x" characters being digits)
    Franckydad
    Number of posts: 0

    Got it,
    to begin with, here is the Malwarebytes Anti-Malware report, followed by the AdwCleaner report

    Malwarebytes Anti-Malware 1.75.0.1300
    http://www.malwarebytes.org

    Version de la base de données: v2013.11.11.03

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 10.0.9200.16721
    FrancoisTOSH :: FRANCOISTOSH-PC [administrateur]

    11/11/2013 11:42:09
    mbam-log-2013-11-11 (11-42-09).txt

    Type d’examen: Examen rapide
    Options d’examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
    Options d’examen désactivées: P2P
    Elément(s) analysé(s): 201155
    Temps écoulé: 6 minute(s), 21 seconde(s)

    Processus mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Module(s) mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Clé(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre détecté(s): 0
    (Aucun élément nuisible détecté)

    Dossier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    Fichier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    (fin)

    _____________________________________________________________________________________________________

    # AdwCleaner v3.011 – Rapport créé le 11/11/2013 à 11:54:48
    # Mis à jour le 03/11/2013 par Xplode
    # Système d’exploitation : Windows 7 Home Premium Service Pack 1 (32 bits)
    # Nom d’utilisateur : FrancoisTOSH – FRANCOISTOSH-PC
    # Exécuté depuis : C:UsersFrancoisTOSHDownloadsadwcleaner.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v10.0.9200.16720

    -\ Mozilla Firefox v25.0 (fr)

    [ Fichier : C:UsersFrancoisTOSHAppDataRoamingMozillaFirefoxProfilesezs1fwx4.default-1382292847194prefs.js ]

    *************************

    AdwCleaner[R0].txt – [12655 octets] – [20/10/2013 19:30:26]
    AdwCleaner[R1].txt – [1108 octets] – [10/11/2013 14:20:51]
    AdwCleaner[R2].txt – [1093 octets] – [10/11/2013 19:36:28]
    AdwCleaner[R3].txt – [1213 octets] – [10/11/2013 19:48:37]
    AdwCleaner[R4].txt – [1333 octets] – [11/11/2013 11:53:48]
    AdwCleaner[S0].txt – [11240 octets] – [20/10/2013 19:31:04]
    AdwCleaner[S1].txt – [1175 octets] – [10/11/2013 14:23:46]
    AdwCleaner[S2].txt – [1155 octets] – [10/11/2013 19:37:42]
    AdwCleaner[S3].txt – [1275 octets] – [10/11/2013 19:50:06]
    AdwCleaner[S4].txt – [1255 octets] – [11/11/2013 11:54:48]

    ########## EOF – C:AdwCleanerAdwCleaner[S4].txt – [1315 octets] ##########

    g3n-h@ckm@n
    Moderator
    Number of posts: 8210

    ok, on to the next step :D

    Franckydad
    Number of posts: 0

    Victory … I re-ran a scan with AdwCleaner, which told me that the version I was using was out of date … I updated it and
    then (see the report results) AARTEMIS got devoured!!! Right away I launched Firefox and IE 10 and indeed AARTEMIS is dead …

    Thanks for your sound advice!
    Have a good evening.
    ___________________________________________________________________________________
    # AdwCleaner v3.012 – Rapport créé le 12/11/2013 à 20:06:46
    # Mis à jour le 11/11/2013 par Xplode
    # Système d’exploitation : Windows 7 Home Premium Service Pack 1 (32 bits)
    # Nom d’utilisateur : FrancoisTOSH – FRANCOISTOSH-PC
    # Exécuté depuis : C:UsersFrancoisTOSHDownloadsadwcleaner.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    Fichier Supprimé : C:Program FilesMozilla Firefoxsearchpluginsaartemis.xml

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    Clé Supprimée : HKLMSOFTWAREClassesAppID{0A18A436-2A7A-49F3-A488-30538A2F6323}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
    Clé Supprimée : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Clé Supprimée : HKLMSoftwareaartemisSoftware
    Clé Supprimée : HKLMSoftwareUniblue
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components8121C32A9C319F4CB0C11FF059552A4

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v10.0.9200.16720

    -\ Mozilla Firefox v25.0 (fr)

    [ Fichier : C:UsersFrancoisTOSHAppDataRoamingMozillaFirefoxProfilesbnzym31r.default-1384168091820prefs.js ]

    *************************

    AdwCleaner[R0].txt – [12655 octets] – [20/10/2013 19:30:26]
    AdwCleaner[R1].txt – [1108 octets] – [10/11/2013 14:20:51]
    AdwCleaner[R2].txt – [1093 octets] – [10/11/2013 19:36:28]
    AdwCleaner[R3].txt – [1213 octets] – [10/11/2013 19:48:37]
    AdwCleaner[R4].txt – [1333 octets] – [11/11/2013 11:53:48]
    AdwCleaner[R5].txt – [2029 octets] – [12/11/2013 20:05:48]
    AdwCleaner[S0].txt – [11240 octets] – [20/10/2013 19:31:04]
    AdwCleaner[S1].txt – [1175 octets] – [10/11/2013 14:23:46]
    AdwCleaner[S2].txt – [1155 octets] – [10/11/2013 19:37:42]
    AdwCleaner[S3].txt – [1275 octets] – [10/11/2013 19:50:06]
    AdwCleaner[S4].txt – [1395 octets] – [11/11/2013 11:54:48]
    AdwCleaner[S5].txt – [1957 octets] – [12/11/2013 20:06:46]

    ########## EOF – C:AdwCleanerAdwCleaner[S5].txt – [2017 octets] ##########

    g3n-h@ckm@n
    Moderator
    Number of posts: 8210

    Is it possible to get what I am asking for?

    Franckydad
    Number of posts: 0

    Here is the requested report.
    Have a good evening and thanks again

    ¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module 12.11.2013.1 – g3n-h@ckm@n

    17:44:35 – 12/11/2013

    (788) — nvvsvc.exe
    (1284) — rundll32.exe
    (1608) — spoolsv.exe
    (1772) — armsvc.exe
    (1804) — agrsmsvc.exe
    (1828) — AppleMobileDeviceService.exe
    (1864) — mDNSResponder.exe
    (2008) — TosCoSrv.exe
    (488) — WLIDSVC.EXE
    (1304) — WLIDSVCM.EXE
    (2416) — taskhost.exe
    (2452) — taskeng.exe
    (2576) — taskeng.exe
    (2608) — explorer.exe
    (2748) — GoogleUpdate.exe
    (2836) — rundll32.exe
    (2860) — RtHDVCpl.exe
    (2872) — TPwrMain.exe
    (2904) — SmoothView.exe
    (2932) — TCrdMain.exe
    (2952) — traybar.exe
    (3120) — XtrCtrl.exe
    (3128) — SynTPEnh.exe
    (3148) — msseces.exe
    (3288) — Integrator.exe
    (3336) — iTunesHelper.exe
    (3348) — SynToshiba.exe
    (3456) — Skype.exe
    (3664) — SynTPHelper.exe
    (3848) — iPodService.exe
    (2976) — taskeng.exe
    (2388) — NDSTray.exe
    (3636) — CFSwMgr.exe
    (2600) — CFIWmxSvcs.exe
    (3504) — CFSvcs.exe
    (1064) — sppsvc.exe

    ¤¤¤¤¤¤¤¤¤¤ | Hijack Links

    ¤¤¤¤¤¤¤¤¤¤ | Hijack Internet Explorer

    ¤¤¤¤¤¤¤¤¤¤ | Hijack Google Chrome

    ¤¤¤¤¤¤¤¤¤¤ | Hijack Firefox

    ¤¤¤¤¤¤¤¤¤¤ | Hijack StartMenuInternet

    ¤¤¤¤¤¤¤¤¤¤ | TEMP Files

    [All Users] TEMP Files deleted : 0 Ko
    [Default User] TEMP Files deleted : 0 Ko
    [Default] TEMP Files deleted : 0 Ko
    [Public] TEMP Files deleted : 0 Ko
    [FrancoisTOSH] TEMP Files deleted : 2456 Ko

    ¤¤¤¤¤¤¤¤¤¤ |EOF| ¤¤¤¤¤¤¤¤¤¤

    g3n-h@ckm@n
    Moderator
    Number of posts: 8210

    Good, aartemis is no longer there, I presume?

    Franckydad
    Number of posts: 0

    Indeed,
    AARTEMIS is gone for good, thanks to your sound advice.
    THANKS again

    g3n-h@ckm@n
    Moderator
    Number of posts: 8210

    re

    So you can do the cleanup: http://www.security-helpzone.com/gen-hackman/nettoyage-en-fin-de-desinfection/
