Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

[Résolu] Problème Atraps.gen2

Mrik

Par Mrik
dans Analyses et éradication malwares

 Partager

Messages recommandés

Mrik Junior Member

Mrik

Posté(e)
Posté(e) (modifié)

Bonjour,

j'ai un soucis avec ce virus : Atraps.gen2

qui veux pas se laisser faire...

 

Avira n'y peux rien, je ne sais plus quoi faire.

 

Merci d'avance de votre aide.

Mrik

Modifié par Mrik

pear Devil Member !

pear

Posté(e)
Posté(e)

Bonsoir,

 

Choisissez la version 32 ou 64 bits en fonction de votre système
Télécharger sur le Bureau
FRST 64 de Farbar
Frst 32 de Farbar
Fermez toutes les applications, y compris le navigateur
Double-clic sur FRST64.exe et sur Oui pour accepter le Disclaimer
Sous Vista, Windows 7 et 8, il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur
Sur le menu principal, clic sur Scan
A la fin du scan, un rapport FRST.txt s'ouvre.
Au premier lancement, un fichier nommé Addition.txt sera créé

Mrik Junior Member

Mrik

Posté(e)
  • Auteur
Posté(e)

FRST :

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-11-2013 02
Ran by MRIK (administrator) on MRIK-PC on 17-11-2013 17:54:20
Running from C:\Users\MRIK\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: French Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

==================== Registry (Whitelisted) ==================

HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-10-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)

==================== Internet (Whitelisted) ====================

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9 01 mswsock.dll File Not found ()
Winsock: Catalog9 02 mswsock.dll File Not found ()
Winsock: Catalog9 03 mswsock.dll File Not found ()
Winsock: Catalog9 04 mswsock.dll File Not found ()
Winsock: Catalog9 05 mswsock.dll File Not found ()
Winsock: Catalog9 06 mswsock.dll File Not found ()
Winsock: Catalog9 07 mswsock.dll File Not found ()
Winsock: Catalog9 08 mswsock.dll File Not found ()
Winsock: Catalog9 09 mswsock.dll File Not found ()
Winsock: Catalog9 10 mswsock.dll File Not found ()
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9-x64 01 mswsock.dll File Not found ()
Winsock: Catalog9-x64 02 mswsock.dll File Not found ()
Winsock: Catalog9-x64 03 mswsock.dll File Not found ()
Winsock: Catalog9-x64 04 mswsock.dll File Not found ()
Winsock: Catalog9-x64 05 mswsock.dll File Not found ()
Winsock: Catalog9-x64 06 mswsock.dll File Not found ()
Winsock: Catalog9-x64 07 mswsock.dll File Not found ()
Winsock: Catalog9-x64 08 mswsock.dll File Not found ()
Winsock: Catalog9-x64 09 mswsock.dll File Not found ()
Winsock: Catalog9-x64 10 mswsock.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254

FireFox:
========
FF ProfilePath: C:\Users\MRIK\AppData\Roaming\Mozilla\Firefox\Profiles\6vd6qwu3.default

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-france.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-france.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-france.xml
FF Extension: DownloadHelper - C:\Users\MRIK\AppData\Roaming\Mozilla\Firefox\Profiles\6vd6qwu3.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-10-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-10-06] (Avira Operations GmbH & Co. KG)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2012-11-25] ()
U2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{4f6e56c8-4e80-b478-fb3e-0d759de0e9fc}\ \...\???\{4f6e56c8-4e80-b478-fb3e-0d759de0e9fc}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-10-06] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-10-06] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-30] (Avira Operations GmbH & Co. KG)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R0 mv61xx; C:\Windows\System32\drivers\mv61xx.sys [159232 2007-05-25] (Marvell Semiconductor, Inc.)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-17 17:54 - 2013-11-17 17:54 - 00007182 _____ C:\Users\MRIK\Desktop\FRST.txt
2013-11-17 17:54 - 2013-11-17 17:54 - 00000000 ____D C:\FRST
2013-11-17 17:53 - 2013-11-17 17:53 - 00000513 _____ C:\Users\MRIK\Desktop\01.txt
2013-11-17 17:51 - 2013-11-17 17:52 - 01958026 _____ (Farbar) C:\Users\MRIK\Desktop\FRST64.exe
2013-11-17 17:50 - 2013-11-17 17:50 - 104695876 _____ C:\Windows\SysWOW64\캙Ԍ
2013-11-17 16:57 - 2013-11-17 16:57 - 00000000 __SHD C:\found.000
2013-11-17 11:50 - 2013-11-17 11:50 - 104641146 _____ C:\Windows\SysWOW64\솆꒻£
2013-11-15 20:42 - 2013-11-15 20:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 13:20 - 2013-11-15 13:20 - 00262144 _____ C:\Windows\Minidump\111513-34367-01.dmp
2013-11-15 12:15 - 2013-11-15 12:15 - 00000000 ____D C:\Users\MRIK\AppData\Local\Google
2013-11-15 12:15 - 2013-11-15 12:15 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-14 08:14 - 2013-11-15 08:14 - 104371820 _____ C:\Windows\SysWOW64\❝㹷
2013-11-14 03:03 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-14 03:03 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-14 03:03 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-14 03:03 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-14 03:03 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-14 03:03 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-14 03:03 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-14 03:03 - 2013-10-12 09:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-14 03:03 - 2013-10-12 09:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-14 03:03 - 2013-10-12 09:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-14 03:03 - 2013-10-12 09:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-14 03:03 - 2013-10-12 09:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-14 03:03 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-14 03:03 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-14 03:03 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-14 03:03 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-14 03:03 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-14 03:03 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-14 03:03 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-14 03:03 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-14 03:03 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-14 03:03 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-14 03:03 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-14 03:03 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-14 03:03 - 2013-10-12 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-14 03:03 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-14 03:03 - 2013-10-12 06:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-14 03:03 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-14 03:02 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-14 03:02 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-14 03:02 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-14 00:20 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 00:20 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 00:19 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 00:19 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 00:19 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 00:19 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 00:19 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 00:19 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 00:19 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 00:19 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 00:19 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 00:19 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 00:19 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 00:19 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 00:19 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 00:19 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 00:19 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 00:19 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 00:19 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 00:19 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 00:19 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 00:19 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 00:19 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 00:19 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 00:19 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 00:19 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 00:19 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 00:19 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 00:19 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 00:19 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-08 11:49 - 2013-11-08 11:49 - 00000000 ____D C:\Windows\system32\appmgmt
2013-11-07 00:05 - 2013-11-07 00:07 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-07 00:05 - 2013-11-07 00:06 - 00000000 ____D C:\Program Files\iTunes
2013-11-07 00:05 - 2013-11-07 00:06 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-07 00:05 - 2013-11-07 00:05 - 00000000 ____D C:\Program Files\iPod
2013-10-21 09:17 - 2013-10-21 09:17 - 102118912 _____ C:\Windows\SysWOW64\ឳ탐8
2013-10-19 19:24 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-19 19:24 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-19 19:24 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-19 19:24 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-19 19:24 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-19 19:24 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-19 19:24 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

==================== One Month Modified Files and Folders =======

2013-11-17 17:54 - 2013-11-17 17:54 - 00007182 _____ C:\Users\MRIK\Desktop\FRST.txt
2013-11-17 17:54 - 2013-11-17 17:54 - 00000000 ____D C:\FRST
2013-11-17 17:53 - 2013-11-17 17:53 - 00000513 _____ C:\Users\MRIK\Desktop\01.txt
2013-11-17 17:52 - 2013-11-17 17:51 - 01958026 _____ (Farbar) C:\Users\MRIK\Desktop\FRST64.exe
2013-11-17 17:50 - 2013-11-17 17:50 - 104695876 _____ C:\Windows\SysWOW64\캙Ԍ
2013-11-17 17:32 - 2012-11-10 20:09 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-17 17:07 - 2009-07-14 05:45 - 00021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-17 17:07 - 2009-07-14 05:45 - 00021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-17 17:03 - 2011-04-12 10:16 - 00704464 _____ C:\Windows\system32\perfh00C.dat
2013-11-17 17:03 - 2011-04-12 10:16 - 00130770 _____ C:\Windows\system32\perfc00C.dat
2013-11-17 17:03 - 2009-07-14 06:13 - 01549572 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-17 16:59 - 2012-11-10 19:28 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-17 16:59 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-17 16:59 - 2009-07-14 05:51 - 00056040 _____ C:\Windows\setupact.log
2013-11-17 16:57 - 2013-11-17 16:57 - 00000000 __SHD C:\found.000
2013-11-17 16:01 - 2012-11-15 18:01 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-17 11:50 - 2013-11-17 11:50 - 104641146 _____ C:\Windows\SysWOW64\솆꒻£
2013-11-16 12:29 - 2012-11-10 20:09 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-16 12:29 - 2012-11-10 20:09 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-16 12:29 - 2012-11-10 20:09 - 00003940 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-16 12:23 - 2012-12-05 19:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-15 20:42 - 2013-11-15 20:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 13:20 - 2013-11-15 13:20 - 00262144 _____ C:\Windows\Minidump\111513-34367-01.dmp
2013-11-15 13:20 - 2012-12-12 19:28 - 00000000 ____D C:\Windows\Minidump
2013-11-15 13:19 - 2012-12-12 19:28 - 461352243 _____ C:\Windows\MEMORY.DMP
2013-11-15 12:27 - 2012-11-10 18:15 - 01460936 _____ C:\Windows\WindowsUpdate.log
2013-11-15 12:15 - 2013-11-15 12:15 - 00000000 ____D C:\Users\MRIK\AppData\Local\Google
2013-11-15 12:15 - 2013-11-15 12:15 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-15 08:14 - 2013-11-14 08:14 - 104371820 _____ C:\Windows\SysWOW64\❝㹷
2013-11-14 11:18 - 2013-01-06 14:34 - 00000000 ____D C:\Users\MRIK\AppData\Roaming\vlc
2013-11-14 03:58 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-14 03:02 - 2013-10-06 14:18 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 03:01 - 2012-11-12 01:34 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-08 11:49 - 2013-11-08 11:49 - 00000000 ____D C:\Windows\system32\appmgmt
2013-11-07 00:07 - 2013-11-07 00:05 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-07 00:07 - 2012-11-10 19:40 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-07 00:06 - 2013-11-07 00:05 - 00000000 ____D C:\Program Files\iTunes
2013-11-07 00:06 - 2013-11-07 00:05 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-07 00:05 - 2013-11-07 00:05 - 00000000 ____D C:\Program Files\iPod
2013-11-01 20:41 - 2012-11-13 12:54 - 00000000 ____D C:\Users\MRIK\AppData\Local\Microsoft Games
2013-10-21 09:17 - 2013-10-21 09:17 - 102118912 _____ C:\Windows\SysWOW64\ឳ탐8
2013-10-19 02:20 - 2009-07-14 05:45 - 00275856 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-18 17:04 - 2009-07-14 06:08 - 00032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
ZeroAccess:
C:\Users\MRIK\AppData\Local\Google\Desktop\Install
ZeroAccess:
C:\Program Files (x86)\Google\Desktop\Install

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini

Some content of TEMP:
====================
C:\Users\MRIK\AppData\Local\Temp\AskSLib.dll
C:\Users\MRIK\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\MRIK\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\MRIK\AppData\Local\Temp\sfamcc00001.dll
C:\Users\MRIK\AppData\Local\Temp\sfareca00001.dll
C:\Users\MRIK\AppData\Local\Temp\sfextra.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
ATTENTION: ====> ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender


LastRegBack: 2013-11-11 16:02

==================== End Of Log ============================

pear Devil Member !

pear

Posté(e)
Posté(e)

Nettoyage
Dans le Bloc-notes (Démarrer -> Tous les programmes -> Accessoires -> Bloc-notes)
Copier/coller le texte ci-dessous :

start
U2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{4f6e56c8-4e80-b478-fb3e-0d759de0e9fc}\ \...\???\{4f6e56c8-4e80-b478-fb3e-0d759de0e9fc}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)
C:\Users\MRIK\AppData\Local\Google\Desktop\Install
C:\Program Files (x86)\Google\Desktop\Install
C:\Windows\assembly\GAC_32\Desktop.ini
C:\Windows\assembly\GAC_64\Desktop.ini
C:\Users\MRIK\AppData\Local\Temp\AskSLib.dll
C:\Users\MRIK\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\MRIK\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\MRIK\AppData\Local\Temp\sfamcc00001.dll
C:\Users\MRIK\AppData\Local\Temp\sfareca00001.dll
C:\Users\MRIK\AppData\Local\Temp\sfextra.dll
DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
end


Enregistrer le fichier sur le Bureau (au même endroit que FRST) sous fixlist.txt
Fermer toutes les applications, y compris le navigateur
Double-clic sur FRST64.exe
/!\ Sous Vista, Windows 7 et 8, il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur
Sur le menu principal, cliquer une seule fois sur Fix et patienter le temps de la correction

L'outil va créer un rapport de correction Fixlog.txt. Poster ce rapport dans la réponse.

Téléchargez Services Repair de Eset sur le Bureau
Fermez toutes les applications, y compris le navigateur
Double-clique sur ServicesRepair.exe pour lancer l'application
/!\ Sous Vista et Windows 7, il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur
Valider par Yes pour confirmer le lancement de l'outil
Laissez l'outil travailler (cela peut prendre quelques minutes)
Valider par Yes pour redémarrer le PC
Au redémarrage, le dossier CC Support a été crée sur le bureau
Postez le rapport SvcRepair.txt, qui se trouve dans CC Support\Logs dans la prochaine réponse

Mrik Junior Member

Mrik

Posté(e)
  • Auteur
Posté(e)

Fixlog :

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-11-2013 02
Ran by MRIK at 2013-11-17 18:30:33 Run:1
Running from C:\Users\MRIK\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
U2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{4f6e56c8-4e80-b478-fb3e-0d759de0e9fc}\ \...\???\{4f6e56c8-4e80-b478-fb3e-0d759de0e9fc}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)
C:\Users\MRIK\AppData\Local\Google\Desktop\Install
C:\Program Files (x86)\Google\Desktop\Install
C:\Windows\assembly\GAC_32\Desktop.ini
C:\Windows\assembly\GAC_64\Desktop.ini
C:\Users\MRIK\AppData\Local\Temp\AskSLib.dll
C:\Users\MRIK\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\MRIK\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\MRIK\AppData\Local\Temp\sfamcc00001.dll
C:\Users\MRIK\AppData\Local\Temp\sfareca00001.dll
C:\Users\MRIK\AppData\Local\Temp\sfextra.dll
DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
end
*****************

*etadpug => Service deleted successfully.
C:\Users\MRIK\AppData\Local\Google\Desktop\Install => Moved successfully.

"C:\Program Files (x86)\Google\Desktop\Install" directory move:

Could not move "C:\Program Files (x86)\Google\Desktop\Install" directory. => Scheduled to move on reboot.

C:\Windows\assembly\GAC_32\Desktop.ini => Moved successfully.
Could not move "C:\Windows\assembly\GAC_64\Desktop.ini" => Scheduled to move on reboot.
C:\Users\MRIK\AppData\Local\Temp\AskSLib.dll => Moved successfully.
C:\Users\MRIK\AppData\Local\Temp\fp_pl_pfs_installer.exe => Moved successfully.
C:\Users\MRIK\AppData\Local\Temp\InstallFlashPlayer.exe => Moved successfully.
C:\Users\MRIK\AppData\Local\Temp\sfamcc00001.dll => Moved successfully.
C:\Users\MRIK\AppData\Local\Temp\sfareca00001.dll => Moved successfully.
C:\Users\MRIK\AppData\Local\Temp\sfextra.dll => Moved successfully.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking started.
"C:\Program Files\Windows Defender\fr-FR" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpAsDesc.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpClient.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpCmdRun.exe" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpCommu.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpEvMsg.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpOAV.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpRTP.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpSvc.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MSASCui.exe" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpCom.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpLics.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpRes.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking completed.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2013-11-17 18:34:04)<=

C:\Program Files (x86)\Google\Desktop\Install => Is moved successfully.
C:\Windows\assembly\GAC_64\Desktop.ini => Is moved successfully.

==== End of Fixlog ====

 

 

 

 

 

 

 

 

 

 

 

 

SvcRepair.txt :

 

 

Log Opened: 2013-11-17 @ 18:36:40
18:36:40 - -----------------
18:36:40 - | Begin Logging |
18:36:40 - -----------------
18:36:40 - Fix started on a WIN_7 X64 computer
18:36:40 - Prep in progress. Please Wait.
18:36:41 - Prep complete
18:36:41 - Repairing Services Now. Please wait...
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BFE.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\SubLayer>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Provider>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BITS.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Performance>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\iphlpsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo\{FA88062C-9A61-4C1E-AC45-7143F8F01AAD}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap\{8AD2FB26-F91E-44F1-9B24-3C0AE56C9CE0}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\IPHTTPS>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Interfaces>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\config>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\MpsSvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\Teredo>
ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\Teredo> failed with: Le fichier spécifié est introuvable.
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap>
ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap> failed with: Le fichier spécifié est introuvable.
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut>
ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut> failed with: Le fichier spécifié est introuvable.
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn>
ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn> failed with: Le fichier spécifié est introuvable.
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP>
ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP> failed with: Le fichier spécifié est introuvable.
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\SharedAccess.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch2>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\WinDefend.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo\0>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wscsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wuauserv.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv>

SetACL finished successfully.
18:36:43 - Services Repair Complete.
18:36:48 - Reboot Initiated

Mrik Junior Member

Mrik

Posté(e)
  • Auteur
Posté(e)

j'ai plus de message de Avira, me disant qu'il y a un probleme.

ça a l'air bon...

 

Merci bien, et a bientot. ou passourire116.gif

 

Mrik

 

PS : dis moi si c'est vraiment fini. merci

pear Devil Member !

pear

Posté(e)
Posté(e)

Pour moi c'est bon.

 

Si vous pensez que votre problème a trouvé une solution, et afin que ceux qui la cherchent en profitent,
éditez votre premier message (Edition complète)et, dans le titre, inscrivez Résolu.
resolu.jpg
[1] En bas de votre premier message, cliquer sur Modifier
[2] En bas de l'éditeur qui s'ouvre, cliquer sur Utiliser l'éditeur complet
[3] En haut de l'éditeur complet, ajouter Résolu au début du titre de votre sujet.
[4] Enregistrer les modifications

  • Upvote 1
Mrik Junior Member

Mrik

Posté(e)
  • Auteur
Posté(e)

j'ai encore un fichier qu'il m'a créé sur le bureau, et je n'arrive pas a le deleter ou a le mettre a la corbeille...

 

Quand je le supprime, "explorateur windows" bug, et restart.

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...