jg92

Membres

Afficher le profil Afficher son activité

Compteur de contenus
25
Inscription
le 22 février 2009
Dernière visite
le 12 avril 2013

Type de contenu

Toute l’activité

Profils

Forums

Blogs

Tout ce qui a été posté par jg92

Apparemment problèmes détectés

jg92 a répondu à un(e) sujet de jg92 dans Analyses et éradication malwares

Bonjour, Voici le contenu des analyses de UsbFix ############################## | UsbFix V 7.120 | [Recherche] Utilisateur: bureau (Administrateur) # BUREAU-JACK Mis à jour le 30/03/2013 par El Desaparecido Lancé à 21:48:33 | 09/04/2013 Site Web: SosVirus Upload Malware: Upload Malware pour analyse Contact: contact@sosvirus.org PC: Dell Inc. (Dell DM061 ) (X86-based PC) CPU: Intel® Core2 CPU 6300 @ 1.86GHz (1867) RAM -> [Total : 3070 | Free : 1565] BIOS: Phoenix ROM BIOS PLUS Version 1.10 2.4.0 BOOT: Normal boot OS: Microsoft Windows 7 Professionnel (6.1.7601 32-Bit) # Service Pack 1 WB: Windows Internet Explorer 10.0.9200.16521 SC: Security Center Service [Enabled] WU: Windows Update Service [Enabled] AV: avast! Internet Security [Enabled | Updated] FW: Windows FireWall Service [Enabled] C:\ (%systemdrive%) -> Disque fixe # 466 Go (52 Go libre(s) - 11%) [] # NTFS D:\ -> Disque fixe # 233 Go (79 Go libre(s) - 34%) [sos] # NTFS E:\ -> CD-ROM F:\ -> CD-ROM H:\ -> CD-ROM I:\ -> CD-ROM N:\ -> CD-ROM ################## | Processus Actif | C:\Windows\system32\csrss.exe (884) C:\Windows\system32\wininit.exe (1176) C:\Windows\system32\csrss.exe (1188) C:\Windows\system32\services.exe (1224) C:\Windows\system32\lsass.exe (1248) C:\Windows\system32\lsm.exe (1256) C:\Windows\system32\winlogon.exe (1380) C:\Windows\system32\svchost.exe (1412) C:\Windows\system32\svchost.exe (1512) C:\Windows\system32\atiesrxx.exe (1560) C:\Windows\System32\svchost.exe (1636) C:\Windows\System32\svchost.exe (1684) C:\Windows\system32\svchost.exe (1744) C:\Windows\system32\svchost.exe (1792) C:\Windows\system32\svchost.exe (384) C:\Windows\system32\svchost.exe (848) C:\Windows\system32\atieclxx.exe (788) C:\Windows\system32\svchost.exe (2060) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (2096) C:\Program Files\AVAST Software\Avast\afwServ.exe (2144) C:\Windows\System32\spoolsv.exe (2260) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (2544) C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (2568) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (2640) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe (2688) C:\Windows\System32\alg.exe (2728) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (2752) C:\Program Files\Bonjour\mDNSResponder.exe (2824) C:\Windows\system32\svchost.exe (2856) C:\Program Files\Cobian Backup 11\cbVSCService11.exe (2876) C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe (3020) C:\Windows\system32\dllhost.exe (3152) C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe (3200) C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe (3240) C:\Windows\system32\svchost.exe (3288) C:\Windows\system32\FLK.exe (3432) C:\Windows\system32\WinFLService.exe (3472) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (3516) C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe (3652) C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe (3716) C:\Windows\system32\GSService.exe (3744) C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE (3992) C:\Program Files\RIFT Technologies\InstallClick Connector\installclick.exe (4016) C:\Program Files\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe (4040) C:\Program Files\RIFT Technologies\InstallClick Connector\installclick-connector.exe (4052) C:\Windows\system32\conhost.exe (4060) C:\Windows\System32\svchost.exe (4088) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (2112) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (3016) C:\Program Files\Microsoft LifeCam\MSCamS32.exe (3512) C:\Windows\System32\msdtc.exe (3556) C:\Program Files\Yuna Software\Messenger Plus! Skins for Facebook\MsgPlusForFacebookService.exe (3944) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE (4272) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (4356) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSvcm.exe (4416) C:\Windows\system32\taskeng.exe (4580) C:\Windows\system32\taskhost.exe (4764) C:\Program Files\PDF Architect\HelperService.exe (5072) C:\Program Files\PDF Architect\ConversionService.exe (5156) C:\Windows\system32\svchost.exe (5208) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (5272) C:\Program Files\CyberLink\Shared files\RichVideo.exe (5308) C:\Program Files\WinPcap\rpcapd.exe (5344) C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe (5384) C:\Windows\system32\svchost.exe (5404) C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe (5492) C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe (5584) C:\Windows\system32\svchost.exe (5620) C:\Windows\System32\svchost.exe (5644) C:\Program Files\Syncovery\SyncoveryVSS.exe (6004) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (6068) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (6104) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (6132) C:\Windows\system32\Tweak7SystemService.exe (4548) C:\Windows\System32\vds.exe (4964) C:\Windows\system32\vssvc.exe (1864) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe (108) C:\Windows\system32\svchost.exe (4892) C:\Windows\System32\svchost.exe (4500) C:\Windows\System32\svchost.exe (4460) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (5436) C:\Windows\system32\SearchIndexer.exe (5876) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (5116) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe (5904) C:\Windows\System32\WUDFHost.exe (5996) C:\Windows\system32\wbem\wmiprvse.exe (6360) C:\Program Files\Splashtop\Splashtop Remote\Server\SRServer.exe (6656) C:\Windows\System32\svchost.exe (6708) C:\Windows\system32\Dwm.exe (6772) C:\Program Files\Splashtop\Splashtop Remote\Server\SRFeature.exe (6780) C:\Windows\Explorer.EXE (6812) C:\Program Files\AVAST Software\Avast\AvastUI.exe (7212) C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe (8156) C:\Program Files\Windows Media Player\wmpnetwk.exe (6440) C:\Program Files\Windows Sidebar\sidebar.exe (6476) C:\Program Files\Start Menu X\StartMenuX.exe (6740) C:\Program Files\Cordial\Integration_Cordial.exe (4028) C:\Windows\System32\WinFLTray.exe (7400) C:\Program Files\MyTomTom 3\MyTomTomSA.exe (7368) C:\Users\bureau\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (7320) C:\Program Files\Windows Live\Messenger\msnmsgr.exe (7348) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (7232) C:\Program Files\Cobian Backup 11\Cobian.exe (4712) C:\Program Files\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe (3832) C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe (5320) C:\Program Files\Cobian Backup 11\cbInterface.exe (3404) C:\Users\bureau\AppData\Roaming\Dropbox\bin\Dropbox.exe (888) C:\Program Files\Stardock\ObjectDock Plus\ObjectDock.exe (4600) C:\Program Files\Windows Live\Contacts\wlcomm.exe (8092) C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (5228) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (6804) C:\Program Files\Stardock\ObjectDock Plus\ObjectDockTray.exe (6544) C:\Windows\system32\sppsvc.exe (1716) C:\Windows\system32\UI0Detect.exe (2808) C:\Windows\system32\prevhost.exe (9676) C:\Windows\explorer.exe (9444) C:\Windows\system32\wbem\wmiprvse.exe (6076) C:\Windows\system32\SearchProtocolHost.exe (4400) C:\UsbFix\Go.exe (6608) C:\Windows\system32\SearchFilterHost.exe (8516) ################## | El Desaparecido Section | HKLM\SOFTWARE | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui HKLM\SOFTWARE | Run : [AMD AVT] - Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml HKLM\SOFTWARE | Run : [APSDaemon] - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" HKLM\SOFTWARE | Run : [sysTrayApp] - %ProgramFiles%\IDT\WDM\sttray.exe HKLM\SOFTWARE | Run : [LifeCam] - "C:\Program Files\Microsoft LifeCam\LifeExp.exe" HKLM\SOFTWARE | Run : [Fences] - "C:\Program Files\Stardock\Fences\Fences.exe" /startup HKLM\SOFTWARE | Run : [ACPW06FR] - "C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe" /pid ACPW06FR HKLM\SOFTWARE | Run : [smart File Advisor] - "C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc HKLM\SOFTWARE | Run : [AdobeAAMUpdater-1.0] - "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" HKLM\SOFTWARE | Run : [bCSSync] - "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices HKU\S-1-5-19\SOFTWARE | Run : [sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\SOFTWARE | Run : [sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [0934CC49F1BD9DEB16EBBD32159ED7952AF559C2._service_run] - "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [startMenuX] - C:\Program Files\Start Menu X\StartMenuX.exe HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [integration de Cordial] - C:\PROGRAM FILES\CORDIAL\INTEGRATION_CORDIAL.EXE HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [WinFLTray] - C:\Windows\system32\WinFLTray.exe HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [MyTomTomSA.exe] - "C:\Program Files\MyTomTom 3\MyTomTomSA.exe" HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [skyDrive] - "C:\Users\bureau\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [msnmsgr] - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [swg] - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [Cobian Backup 11] - "C:\Program Files\Cobian Backup 11\Cobian.exe" HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [backgroundSwitcher] - "C:\Program Files\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe" HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [RoboForm] - "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe ################## | Éléments infectieux | ################## | Registre | ################## | Mountpoints2 | ################## | Vaccin | C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido) D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido) Z:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido) ################## | E.O.F | SosVirus | la suite (suppression) ############################## | UsbFix V 7.120 | [suppression] Utilisateur: bureau (Administrateur) # BUREAU-JACK Mis à jour le 30/03/2013 par El Desaparecido Lancé à 22:44:06 | 09/04/2013 Site Web: SosVirus Upload Malware: Upload Malware pour analyse Contact: contact@sosvirus.org PC: Dell Inc. (Dell DM061 ) (X86-based PC) CPU: Intel® Core2 CPU 6300 @ 1.86GHz (1867) RAM -> [Total : 3070 | Free : 1311] BIOS: Phoenix ROM BIOS PLUS Version 1.10 2.4.0 BOOT: Normal boot OS: Microsoft Windows 7 Professionnel (6.1.7601 32-Bit) # Service Pack 1 WB: Windows Internet Explorer 10.0.9200.16521 SC: Security Center Service [Enabled] WU: Windows Update Service [Enabled] AV: avast! Internet Security [Enabled | Updated] FW: Windows FireWall Service [Enabled] C:\ (%systemdrive%) -> Disque fixe # 466 Go (52 Go libre(s) - 11%) [] # NTFS D:\ -> Disque fixe # 233 Go (79 Go libre(s) - 34%) [sos] # NTFS E:\ -> CD-ROM F:\ -> CD-ROM H:\ -> CD-ROM I:\ -> CD-ROM N:\ -> CD-ROM ################## | El Desaparecido Section | HKLM\SOFTWARE | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui HKLM\SOFTWARE | Run : [AMD AVT] - Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml HKLM\SOFTWARE | Run : [APSDaemon] - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" HKLM\SOFTWARE | Run : [sysTrayApp] - %ProgramFiles%\IDT\WDM\sttray.exe HKLM\SOFTWARE | Run : [LifeCam] - "C:\Program Files\Microsoft LifeCam\LifeExp.exe" HKLM\SOFTWARE | Run : [Fences] - "C:\Program Files\Stardock\Fences\Fences.exe" /startup HKLM\SOFTWARE | Run : [ACPW06FR] - "C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe" /pid ACPW06FR HKLM\SOFTWARE | Run : [smart File Advisor] - "C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc HKLM\SOFTWARE | Run : [AdobeAAMUpdater-1.0] - "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" HKLM\SOFTWARE | Run : [bCSSync] - "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices HKU\S-1-5-19\SOFTWARE | Run : [sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\SOFTWARE | Run : [sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [0934CC49F1BD9DEB16EBBD32159ED7952AF559C2._service_run] - "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [startMenuX] - C:\Program Files\Start Menu X\StartMenuX.exe HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [integration de Cordial] - C:\PROGRAM FILES\CORDIAL\INTEGRATION_CORDIAL.EXE HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [WinFLTray] - C:\Windows\system32\WinFLTray.exe HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [MyTomTomSA.exe] - "C:\Program Files\MyTomTom 3\MyTomTomSA.exe" HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [skyDrive] - "C:\Users\bureau\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [msnmsgr] - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [swg] - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [Cobian Backup 11] - "C:\Program Files\Cobian Backup 11\Cobian.exe" HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [backgroundSwitcher] - "C:\Program Files\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe" HKU\S-1-5-21-1835667813-2538981492-1255117997-1000\SOFTWARE | Run : [RoboForm] - "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe ################## | Processus Stoppés | Stoppé! C:\Windows\system32\atiesrxx.exe (1560) Stoppé! C:\Windows\system32\atieclxx.exe (788) Stoppé! C:\Program Files\AVAST Software\Avast\AvastSvc.exe (2096) Stoppé! C:\Program Files\AVAST Software\Avast\afwServ.exe (2144) Stoppé! C:\Windows\System32\spoolsv.exe (2260) Stoppé! C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (2544) Stoppé! C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (2568) Stoppé! C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (2640) Stoppé! C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe (2688) Stoppé! C:\Windows\System32\alg.exe (2728) Stoppé! C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (2752) Stoppé! C:\Program Files\Bonjour\mDNSResponder.exe (2824) Stoppé! C:\Program Files\Cobian Backup 11\cbVSCService11.exe (2876) Stoppé! C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe (3020) Stoppé! C:\Windows\system32\dllhost.exe (3152) Stoppé! C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe (3200) Stoppé! C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe (3240) Stoppé! C:\Windows\system32\FLK.exe (3432) Stoppé! C:\Windows\system32\WinFLService.exe (3472) Stoppé! C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (3516) Stoppé! C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe (3652) Stoppé! C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe (3716) Stoppé! C:\Windows\system32\GSService.exe (3744) Stoppé! C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE (3992) Stoppé! C:\Program Files\RIFT Technologies\InstallClick Connector\installclick.exe (4016) Stoppé! C:\Program Files\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe (4040) Stoppé! C:\Program Files\RIFT Technologies\InstallClick Connector\installclick-connector.exe (4052) Stoppé! C:\Windows\system32\conhost.exe (4060) Stoppé! C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (2112) Stoppé! C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (3016) Stoppé! C:\Program Files\Microsoft LifeCam\MSCamS32.exe (3512) Stoppé! C:\Windows\System32\msdtc.exe (3556) Stoppé! C:\Program Files\Yuna Software\Messenger Plus! Skins for Facebook\MsgPlusForFacebookService.exe (3944) Stoppé! C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE (4272) Stoppé! C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (4356) Stoppé! C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSvcm.exe (4416) Stoppé! C:\Windows\system32\taskeng.exe (4580) Stoppé! C:\Windows\system32\taskhost.exe (4764) Stoppé! C:\Program Files\PDF Architect\HelperService.exe (5072) Stoppé! C:\Program Files\PDF Architect\ConversionService.exe (5156) Stoppé! c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (5272) Stoppé! C:\Program Files\CyberLink\Shared files\RichVideo.exe (5308) Stoppé! C:\Program Files\WinPcap\rpcapd.exe (5344) Stoppé! C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe (5384) Stoppé! C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe (5492) Stoppé! C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe (5584) Stoppé! C:\Program Files\Syncovery\SyncoveryVSS.exe (6004) Stoppé! C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (6068) Stoppé! C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (6104) Stoppé! C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (6132) Stoppé! C:\Windows\system32\Tweak7SystemService.exe (4548) Stoppé! C:\Windows\System32\vds.exe (4964) Stoppé! C:\Windows\system32\vssvc.exe (1864) Stoppé! C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe (108) Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (5436) Stoppé! C:\Windows\system32\SearchIndexer.exe (5876) Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (5116) Stoppé! C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe (5904) Stoppé! C:\Windows\System32\WUDFHost.exe (5996) Stoppé! C:\Program Files\Splashtop\Splashtop Remote\Server\SRServer.exe (6656) Stoppé! C:\Program Files\Splashtop\Splashtop Remote\Server\SRFeature.exe (6780) Stoppé! C:\Program Files\AVAST Software\Avast\AvastUI.exe (7212) Stoppé! C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe (8156) Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (6440) Stoppé! C:\Program Files\Windows Sidebar\sidebar.exe (6476) Stoppé! C:\Program Files\Start Menu X\StartMenuX.exe (6740) Stoppé! C:\Program Files\Cordial\Integration_Cordial.exe (4028) Stoppé! C:\Windows\System32\WinFLTray.exe (7400) Stoppé! C:\Program Files\MyTomTom 3\MyTomTomSA.exe (7368) Stoppé! C:\Users\bureau\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (7320) Stoppé! C:\Program Files\Windows Live\Messenger\msnmsgr.exe (7348) Stoppé! C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (7232) Stoppé! C:\Program Files\Cobian Backup 11\Cobian.exe (4712) Stoppé! C:\Program Files\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe (3832) Stoppé! C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe (5320) Stoppé! C:\Program Files\Cobian Backup 11\cbInterface.exe (3404) Stoppé! C:\Users\bureau\AppData\Roaming\Dropbox\bin\Dropbox.exe (888) Stoppé! C:\Program Files\Stardock\ObjectDock Plus\ObjectDock.exe (4600) Stoppé! C:\Program Files\Windows Live\Contacts\wlcomm.exe (8092) Stoppé! C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (5228) Stoppé! C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (6804) Stoppé! C:\Program Files\Stardock\ObjectDock Plus\ObjectDockTray.exe (6544) Stoppé! C:\Windows\system32\sppsvc.exe (1716) Stoppé! C:\Windows\system32\UI0Detect.exe (2808) Stoppé! C:\Windows\system32\prevhost.exe (9676) ################## | Éléments infectieux | (!) Fichiers temporaires supprimés. ################## | Registre | ################## | Mountpoints2 | ################## | Listing | [01/12/2012 - 11:30:12 | SHD ] C:\$Recycle.Bin [09/01/2013 - 07:17:01 | D ] C:\$WINDOWS.~BT [18/04/2011 - 20:56:01 | D ] C:\Ad-Remover [10/06/2009 - 22:42:20 | N | 24] C:\autoexec.bat [09/04/2013 - 18:59:59 | RASHD ] C:\Autorun.inf [03/10/2012 - 07:41:46 | D ] C:\BigFishGamesCache [09/01/2013 - 08:05:41 | D ] C:\Boot [20/11/2010 - 13:40:07 | RASH | 383786] C:\bootmgr [26/07/2012 - 06:10:16 | N | 1] C:\BOOTNXT [09/01/2013 - 07:14:48 | N | 8192] C:\BOOTSECT.BAK [13/06/2011 - 19:39:04 | D ] C:\canon [09/03/2013 - 08:55:50 | D ] C:\CloneDVDTemp [06/07/2011 - 07:55:37 | D ] C:\ComicToEPUB [10/06/2009 - 22:42:20 | N | 10] C:\config.sys [14/07/2009 - 05:53:55 | SHD ] C:\Documents and Settings [28/03/2013 - 11:49:13 | D ] C:\Données [23/12/2012 - 08:14:05 | D ] C:\DriveKey [29/10/2012 - 17:23:27 | D ] C:\ESD [23/02/2013 - 11:24:59 | D ] C:\FileMenuTools [03/04/2012 - 08:22:37 | D ] C:\Firefox Ultimate Optimizer [08/05/2011 - 07:19:17 | D ] C:\FreePack [04/11/2011 - 09:41:21 | D ] C:\GameHouse Games [18/04/2011 - 20:53:59 | D ] C:\ghostscript-8.71 [09/04/2013 - 20:43:32 | ASH | 2414280704] C:\hiberfil.sys [17/05/2011 - 15:05:39 | N | 0] C:\IO.SYS [19/09/2011 - 08:57:10 | N | 1213] C:\JavaRa.log [02/04/2013 - 14:00:34 | D ] C:\JRT [16/05/2011 - 05:58:00 | D ] C:\Listage dossiers et fichiers en txt [09/04/2013 - 22:44:14 | N | 115] C:\log2.txt [31/01/2013 - 18:42:29 | D ] C:\MP3Toolkit [17/05/2011 - 15:05:39 | N | 0] C:\MSDOS.SYS [03/02/2012 - 11:22:09 | RHD ] C:\MSOCache [09/04/2013 - 21:08:53 | N | 2176631] C:\npsimple.log [17/03/2012 - 09:36:43 | D ] C:\Numedocs [28/12/2012 - 17:10:51 | N | 591] C:\os357577.bin [09/04/2013 - 20:43:30 | ASH | 3219128320] C:\pagefile.sys [09/04/2013 - 10:18:26 | N | 512] C:\PhysicalMBR.bin [03/04/2013 - 07:35:55 | D ] C:\Program Files [02/04/2013 - 12:33:49 | HD ] C:\ProgramData [26/01/2012 - 16:28:31 | D ] C:\Programmi [23/11/2011 - 22:03:05 | N | 440] C:\RoboFormDataHere.txt [17/05/2011 - 15:11:17 | D ] C:\SIERRA [09/04/2013 - 18:52:58 | SHD ] C:\System Volume Information [09/01/2013 - 01:10:52 | D ] C:\temp [13/01/2013 - 10:26:43 | D ] C:\ToolBar SD [20/02/2013 - 19:00:16 | N | 687] C:\trace.txt [09/04/2013 - 23:02:31 | D ] C:\UsbFix [09/04/2013 - 23:02:49 | A | 12882] C:\UsbFix [Clean 2] BUREAU-JACK.txt [09/04/2013 - 22:10:26 | N | 11487] C:\UsbFix [scan 4] BUREAU-JACK.txt [05/02/2012 - 18:41:08 | D ] C:\Users [09/04/2013 - 20:48:48 | D ] C:\Windows [21/05/2010 - 16:39:57 | N | 0] C:\WindowsLiveMessenger-uccapi-0.uccapilog [18/04/2011 - 20:53:05 | D ] C:\XnView [05/02/2012 - 18:41:54 | SHD ] D:\$RECYCLE.BIN [02/05/2011 - 22:15:24 | D ] D:\ATI Radeon HD 4600 Series [09/04/2013 - 18:59:59 | RASHD ] D:\Autorun.inf [16/10/2012 - 02:54:53 | D ] D:\Balabolka [11/07/2012 - 08:05:00 | N | 11962936] D:\chrome_User Data_11072012.gcb [28/01/2012 - 23:03:01 | D ] D:\clins [09/04/2013 - 20:57:48 | D ] D:\D [08/01/2013 - 13:30:25 | N | 253922] D:\DELONGHI Machine à expresso BCO260 au meilleur prix - Carrefour.pdf [28/01/2012 - 23:03:24 | D ] D:\driver [13/07/2012 - 10:25:50 | N | 0] D:\FirexFoxXPCOMLogging.txt [30/03/2012 - 13:11:44 | D ] D:\Gimp-2.7.4 [04/04/2013 - 17:42:01 | D ] D:\hijackthis [10/07/2009 - 12:39:00 | N | 350720] D:\hjsplit.exe [28/01/2012 - 23:08:30 | D ] D:\Installateur [16/04/2011 - 12:34:53 | D ] D:\KompoZer 0.7.10 [31/03/2013 - 11:09:13 | D ] D:\Mes sauvegardes [30/04/2012 - 07:49:31 | D ] D:\Outlook [09/04/2013 - 20:43:30 | ASH | 3219128320] D:\pagefile.sys [25/11/2012 - 17:04:45 | T | 4873561] D:\Photo 149250.jpg [15/10/2012 - 17:01:27 | D ] D:\Pictures [23/12/2010 - 20:42:12 | D ] D:\Pole Position Référencement [28/01/2012 - 23:06:37 | D ] D:\Poster8 [10/07/2009 - 12:45:40 | N | 582] D:\readme.txt [30/05/2012 - 14:38:18 | D ] D:\sauvegarde iphoneMovies [31/03/2013 - 18:26:24 | D ] D:\server2go [04/11/2011 - 10:05:54 | D ] D:\simplyIcone [27/01/2011 - 21:17:41 | D ] D:\sos compta [10/10/2012 - 13:12:37 | D ] D:\sos firefox [24/05/2011 - 17:32:37 | D ] D:\sos gmail [09/04/2013 - 13:14:13 | D ] D:\sos outlook [11/03/2013 - 15:47:17 | D ] D:\sos usb [24/03/2013 - 11:09:34 | D ] D:\sos-itunes [09/04/2013 - 04:54:08 | SHD ] D:\System Volume Information [09/04/2013 - 21:42:25 | D ] D:\UsbFix [16/10/2012 - 02:50:44 | D ] D:\utilitaires photos [24/04/2011 - 08:58:55 | D ] D:\vCard [06/12/2011 - 07:55:52 | D ] D:\Videos [04/04/2013 - 08:43:25 | D ] D:\Vivre Mieux [08/03/2011 - 08:27:04 | D ] D:\_gsdata_ [13/06/2011 - 19:19:00 | D ] D:\à ranger [08/01/2013 - 20:04:37 | D ] Z:\Mes sauvegardes [29/04/2012 - 12:29:44 | D ] Z:\jeux-érotiques [20/09/2012 - 15:29:05 | D ] Z:\morphing [20/09/2012 - 14:55:23 | D ] Z:\server2go-sos [09/04/2013 - 18:09:22 | D ] Z:\Autorun.inf [20/09/2012 - 16:11:29 | D ] Z:\server2go [20/09/2012 - 16:46:20 | D ] Z:\Modélisme [29/04/2012 - 13:26:41 | D ] Z:\Downloads [20/09/2012 - 15:28:46 | D ] Z:\joomla [29/04/2012 - 12:09:01 | D ] Z:\Jeux flash [28/01/2013 - 15:57:46 | D ] Z:\livres pdf [16/03/2011 - 09:03:31 | D ] Z:\Ajaxpf [02/01/2013 - 21:46:10 | D ] Z:\Mes images [29/04/2012 - 12:29:06 | D ] Z:\jeux-crack [13/02/2013 - 07:53:26 | D ] Z:\mairie [12/10/2012 - 07:09:36 | D ] Z:\Mes téléchargements [14/10/2012 - 08:19:12 | D ] Z:\Brésil [14/10/2012 - 08:51:41 | D ] Z:\Vidéos [18/02/2013 - 19:06:00 | D ] Z:\Mes photos [20/09/2012 - 15:08:25 | D ] Z:\sonia [03/03/2013 - 12:17:54 | D ] Z:\films [29/04/2012 - 12:10:30 | D ] Z:\Mes recettes [29/04/2012 - 12:13:32 | D ] Z:\Mes sons [20/09/2012 - 15:30:50 | D ] Z:\MVPN 2010 [23/03/2011 - 11:21:11 | D ] Z:\Mes albums [03/12/2012 - 08:12:05 | D ] Z:\mvpn 2012 [20/09/2012 - 15:09:25 | D ] Z:\jeux ################## | Vaccin | C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido) D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido) Z:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido) ################## | E.O.F | SosVirus |
- le 10 avril 2013
- 23 réponses
Apparemment problèmes détectés

jg92 a répondu à un(e) sujet de jg92 dans Analyses et éradication malwares

Voici contenu des fichiers demandés RogueKiller V8.5.4 [Mar 18 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : RogueKiller - Geeks to Go Forums Website : Download RogueKiller (Official website) Blog : tigzy-RK Operating System : Windows XP (5.1.2600 ) 32 bits version Started in : Normal mode User : SYSTEM [Admin rights] Mode : Remove -- Date : 04/09/2013 10:28:04 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 2 ¤¤¤ [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NOT SELECTED [FILEASSO] HKLM\[...]\command : (X:\I386\IEXPLORE.EXE) [-] -> FOLDER NOT FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ Extern Hives: ¤¤¤ -> C:\windows\system32\config\SOFTWARE -> C:\windows\system32\config\SYSTEM -> C:\Users\bureau\NTUSER.DAT -> C:\Users\Default\NTUSER.DAT -> C:\Users\Default User\NTUSER.DAT -> C:\Users\gaelle\NTUSER.DAT -> C:\Users\Invité\NTUSER.DAT -> C:\Documents and Settings\bureau\NTUSER.DAT -> C:\Documents and Settings\Default\NTUSER.DAT -> C:\Documents and Settings\Default User\NTUSER.DAT -> C:\Documents and Settings\gaelle\NTUSER.DAT -> C:\Documents and Settings\Invité\NTUSER.DAT ¤¤¤ Infection : Rogue.AntiSpy-AH ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> X:\i386\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: +++++ --- User --- [MBR] eb8b601a1937fa6e05f93ef4c69c33c6 [bSP] d8df495a2a2a23ae11396c4152156880 : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: +++++ --- User --- [MBR] eff74395a09cca66a49eb8d2e650d3ee [bSP] 15aa431f21a280c81d2601e5a5773708 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] FAT12 (0x01) [VISIBLE] Offset (sectors): 63 | Size: 15 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 32136 | Size: 238401 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[2]_D_04092013_02d1028.txt >> RKreport[1]_S_04092013_02d0511.txt ; RKreport[2]_D_04092013_02d1028.txt suite RogueKiller V8.5.4 [Mar 18 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : RogueKiller - Geeks to Go Forums Website : Download RogueKiller (Official website) Blog : tigzy-RK Operating System : Windows XP (5.1.2600 ) 32 bits version Started in : Normal mode User : SYSTEM [Admin rights] Mode : Remove -- Date : 04/09/2013 10:29:37 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 2 ¤¤¤ [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NOT SELECTED [FILEASSO] HKLM\[...]\command : (X:\I386\IEXPLORE.EXE) [-] -> FOLDER NOT FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ Extern Hives: ¤¤¤ -> C:\windows\system32\config\SOFTWARE -> C:\windows\system32\config\SYSTEM -> C:\Users\bureau\NTUSER.DAT -> C:\Users\Default\NTUSER.DAT -> C:\Users\Default User\NTUSER.DAT -> C:\Users\gaelle\NTUSER.DAT -> C:\Users\Invité\NTUSER.DAT -> C:\Documents and Settings\bureau\NTUSER.DAT -> C:\Documents and Settings\Default\NTUSER.DAT -> C:\Documents and Settings\Default User\NTUSER.DAT -> C:\Documents and Settings\gaelle\NTUSER.DAT -> C:\Documents and Settings\Invité\NTUSER.DAT ¤¤¤ Infection : Rogue.AntiSpy-AH ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> X:\i386\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: +++++ --- User --- [MBR] eb8b601a1937fa6e05f93ef4c69c33c6 [bSP] d8df495a2a2a23ae11396c4152156880 : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: +++++ --- User --- [MBR] eff74395a09cca66a49eb8d2e650d3ee [bSP] 15aa431f21a280c81d2601e5a5773708 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] FAT12 (0x01) [VISIBLE] Offset (sectors): 63 | Size: 15 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 32136 | Size: 238401 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[3]_D_04092013_02d1029.txt >> RKreport[1]_S_04092013_02d0511.txt ; RKreport[2]_D_04092013_02d1028.txt ; RKreport[3]_D_04092013_02d1029.txt suite RogueKiller V8.5.4 [Mar 18 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : RogueKiller - Geeks to Go Forums Website : Download RogueKiller (Official website) Blog : tigzy-RK Operating System : Windows XP (5.1.2600 ) 32 bits version Started in : Normal mode User : SYSTEM [Admin rights] Mode : Remove -- Date : 04/09/2013 10:30:11 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 2 ¤¤¤ [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NOT SELECTED [FILEASSO] HKLM\[...]\command : (X:\I386\IEXPLORE.EXE) [-] -> FOLDER NOT FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ Extern Hives: ¤¤¤ -> C:\windows\system32\config\SOFTWARE -> C:\windows\system32\config\SYSTEM -> C:\Users\bureau\NTUSER.DAT -> C:\Users\Default\NTUSER.DAT -> C:\Users\Default User\NTUSER.DAT -> C:\Users\gaelle\NTUSER.DAT -> C:\Users\Invité\NTUSER.DAT -> C:\Documents and Settings\bureau\NTUSER.DAT -> C:\Documents and Settings\Default\NTUSER.DAT -> C:\Documents and Settings\Default User\NTUSER.DAT -> C:\Documents and Settings\gaelle\NTUSER.DAT -> C:\Documents and Settings\Invité\NTUSER.DAT ¤¤¤ Infection : Rogue.AntiSpy-AH ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> X:\i386\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: +++++ --- User --- [MBR] eb8b601a1937fa6e05f93ef4c69c33c6 [bSP] d8df495a2a2a23ae11396c4152156880 : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: +++++ --- User --- [MBR] eff74395a09cca66a49eb8d2e650d3ee [bSP] 15aa431f21a280c81d2601e5a5773708 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] FAT12 (0x01) [VISIBLE] Offset (sectors): 63 | Size: 15 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 32136 | Size: 238401 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[4]_D_04092013_02d1030.txt >> RKreport[1]_S_04092013_02d0511.txt ; RKreport[2]_D_04092013_02d1028.txt ; RKreport[3]_D_04092013_02d1029.txt ; RKreport[4]_D_04092013_02d1030.txt suite RogueKiller V8.5.4 [Mar 18 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : RogueKiller - Geeks to Go Forums Website : Download RogueKiller (Official website) Blog : tigzy-RK Operating System : Windows XP (5.1.2600 ) 32 bits version Started in : Normal mode User : SYSTEM [Admin rights] Mode : Remove -- Date : 04/09/2013 10:30:37 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 2 ¤¤¤ [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NOT SELECTED [FILEASSO] HKLM\[...]\command : (X:\I386\IEXPLORE.EXE) [-] -> FOLDER NOT FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ Extern Hives: ¤¤¤ -> C:\windows\system32\config\SOFTWARE -> C:\windows\system32\config\SYSTEM -> C:\Users\bureau\NTUSER.DAT -> C:\Users\Default\NTUSER.DAT -> C:\Users\Default User\NTUSER.DAT -> C:\Users\gaelle\NTUSER.DAT -> C:\Users\Invité\NTUSER.DAT -> C:\Documents and Settings\bureau\NTUSER.DAT -> C:\Documents and Settings\Default\NTUSER.DAT -> C:\Documents and Settings\Default User\NTUSER.DAT -> C:\Documents and Settings\gaelle\NTUSER.DAT -> C:\Documents and Settings\Invité\NTUSER.DAT ¤¤¤ Infection : Rogue.AntiSpy-AH ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> X:\i386\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: +++++ --- User --- [MBR] eb8b601a1937fa6e05f93ef4c69c33c6 [bSP] d8df495a2a2a23ae11396c4152156880 : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: +++++ --- User --- [MBR] eff74395a09cca66a49eb8d2e650d3ee [bSP] 15aa431f21a280c81d2601e5a5773708 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] FAT12 (0x01) [VISIBLE] Offset (sectors): 63 | Size: 15 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 32136 | Size: 238401 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[5]_D_04092013_02d1030.txt >> RKreport[1]_S_04092013_02d0511.txt ; RKreport[2]_D_04092013_02d1028.txt ; RKreport[3]_D_04092013_02d1029.txt ; RKreport[4]_D_04092013_02d1030.txt ; RKreport[5]_D_04092013_02d1030.txt
- le 9 avril 2013
- 23 réponses
Apparemment problèmes détectés

jg92 a répondu à un(e) sujet de jg92 dans Analyses et éradication malwares

Bonjour et bonne journée ici il y a du soleil Voici le lien du fichier otl.txt : © CJoint.com, 2012 Coradialement
- le 9 avril 2013
- 23 réponses
Apparemment problèmes détectés

jg92 a répondu à un(e) sujet de jg92 dans Analyses et éradication malwares

Bonjour, voici le log RogueKiller V8.5.4 [Mar 18 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : RogueKiller - Geeks to Go Forums Website : Download RogueKiller (Official website) Blog : tigzy-RK Operating System : Windows XP (5.1.2600 ) 32 bits version Started in : Normal mode User : SYSTEM [Admin rights] Mode : Scan -- Date : 04/09/2013 00:11:23 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 2 ¤¤¤ [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [FILEASSO] HKLM\[...]\command : (X:\I386\IEXPLORE.EXE) [-] -> FOLDER NOT FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ Infection : Rogue.AntiSpy-AH ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> X:\i386\system32\drivers\etc\hosts 127.0.0.1 localhost
- le 9 avril 2013
- 23 réponses
Apparemment problèmes détectés

jg92 a répondu à un(e) sujet de jg92 dans Analyses et éradication malwares

bonjour, de retour après quelques jours d'absences, RogueKiller.exe même renommé planque mon pc (écran bleu) 4 essais sous les deux noms, help merci. Bon début de semaine à tous
- le 8 avril 2013
- 23 réponses
Apparemment problèmes détectés

jg92 a répondu à un(e) sujet de jg92 dans Analyses et éradication malwares

rebonjour, Voici le log de anti-malwarea: Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Version de la base de données: v2013.04.04.03 Windows 7 Service Pack 1 x86 NTFS (Mode sans échec) Internet Explorer 10.0.9200.16521 bureau :: BUREAU-JACK [administrateur] 04/04/2013 21:23:29 mbam-log-2013-04-04 (21-23-29).txt Type d'examen: Examen complet (C:\|D:\|) Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM Options d'examen désactivées: P2P Elément(s) analysé(s): 1003689 Temps écoulé: 3 heure(s), 23 minute(s), 23 seconde(s) Processus mémoire détecté(s): 0 (Aucun élément nuisible détecté) Module(s) mémoire détecté(s): 0 (Aucun élément nuisible détecté) Clé(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Valeur(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Elément(s) de données du Registre détecté(s): 0 (Aucun élément nuisible détecté) Dossier(s) détecté(s): 0 (Aucun élément nuisible détecté) Fichier(s) détecté(s): 1 D:\sos usb\Apps\Notepad++Portable\App\Notepad++\plugins\ComparePlugin.dll (Trojan.Medfos) -> Mis en quarantaine et supprimé avec succès. (fin)
- le 5 avril 2013
- 23 réponses
Apparemment problèmes détectés

jg92 a répondu à un(e) sujet de jg92 dans Analyses et éradication malwares

Bonjour, Voici le dernier fichier txt celui de SFT. © CJoint.com, 2012 Cordialement
- le 4 avril 2013
- 23 réponses
Apparemment problèmes détectés

jg92 a répondu à un(e) sujet de jg92 dans Analyses et éradication malwares

Bonjour PEAR, ton lien pour SFT est mort, voici ou on peut le trouver. Apollo Et Compagnie :: Outils de Pierre13 Cordialement
- le 4 avril 2013
- 23 réponses
Apparemment problèmes détectés

jg92 a répondu à un(e) sujet de jg92 dans Analyses et éradication malwares

comme ceci alors
- le 3 avril 2013
- 23 réponses
Apparemment problèmes détectés

jg92 a répondu à un(e) sujet de jg92 dans Analyses et éradication malwares

Bonsoir voici les deux fichiers, cordialement © CJoint.com, 2012 © CJoint.com, 2012
- le 3 avril 2013
- 23 réponses
Apparemment problèmes détectés

jg92 a répondu à un(e) sujet de jg92 dans Analyses et éradication malwares

Oui j'ai bien décoché 045 et 061 et après essai en mode sans échecs j'ai la même erreur. Cordailemenrt
- le 3 avril 2013
- 23 réponses
Apparemment problèmes détectés

jg92 a répondu à un(e) sujet de jg92 dans Analyses et éradication malwares

Bonsoir, Voici les deux premiers fichiers, pour le troisième zhpdiag envois un code d'erreur "index hors limite (2)" © CJoint.com, 2012 © CJoint.com, 2012 Cordialement.
- le 2 avril 2013
- 23 réponses
Apparemment problème détecté [sujet bloqué]

jg92 a répondu à un(e) sujet de jg92 dans Analyses et éradication malwares

Bonjour voici les deux premiers fichiers tests: © CJoint.com, 2012 © CJoint.com, 2012 Cordialement et merci encore.
- le 2 avril 2013
- 4 réponses
Apparemment problèmes détectés

jg92 a posté un sujet dans Analyses et éradication malwares

Bonjour je remet pou log suite à un sujet bloqué, cordialement. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:03:19, on 01/04/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16521) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Program Files\Trusteer\Rapport\bin\RapportService.exe C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Start Menu X\StartMenuX.exe C:\Program Files\Cordial\Integration_Cordial.exe C:\Windows\System32\WinFLTray.exe C:\Program Files\MyTomTom 3\MyTomTomSA.exe C:\Users\bureau\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Cobian Backup 11\Cobian.exe C:\Program Files\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe C:\Program Files\Synapse Developpement\Synapse Update\Synapse Update.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Cobian Backup 11\cbInterface.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Users\bureau\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Stardock\ObjectDock Plus\ObjectDock.exe C:\Program Files\Stardock\ObjectDock Plus\ObjectDockTray.exe D:\hijackthis\HJT.exe C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=FR&userid=fe2250e0-5f69-40b1-8370-63785c81572d&searchtype=ds&q={searchTerms} R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = ERROR R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.fr - Actus France et Monde - Magazine People & Féminin â€“ Hotmail R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.fr - Actus France et Monde - Magazine People & Féminin â€“ Hotmail R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=FR&userid=fe2250e0-5f69-40b1-8370-63785c81572d&searchtype=ds&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=FR&userid=fe2250e0-5f69-40b1-8370-63785c81572d&searchtype=ds&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, enhanced for Bing and MSN R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: IEButton Class - {F81D52BF-F2F1-4F49-BF5F-05664E803039} - C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\bureau\AppData\Roaming\FireShot\FSAddin-98_32.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [Fences] "C:\Program Files\Stardock\Fences\Fences.exe" /startup O4 - HKLM\..\Run: [ACPW06FR] "C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe" /pid ACPW06FR O4 - HKLM\..\Run: [smart File Advisor] "C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [0934CC49F1BD9DEB16EBBD32159ED7952AF559C2._service_run] "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service O4 - HKCU\..\Run: [startMenuX] C:\Program Files\Start Menu X\StartMenuX.exe O4 - HKCU\..\Run: [integration de Cordial] C:\PROGRAM FILES\CORDIAL\INTEGRATION_CORDIAL.EXE O4 - HKCU\..\Run: [WinFLTray] C:\Windows\system32\WinFLTray.exe O4 - HKCU\..\Run: [MyTomTomSA.exe] "C:\Program Files\MyTomTom 3\MyTomTomSA.exe" O4 - HKCU\..\Run: [skyDrive] "C:\Users\bureau\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Cobian Backup 11] "C:\Program Files\Cobian Backup 11\Cobian.exe" O4 - HKCU\..\Run: [backgroundSwitcher] "C:\Program Files\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe" O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [synapseUpdate] "C:\Program Files\Synapse Developpement\Synapse Update\Synapse Update.exe" O4 - HKCU\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O4 - Startup: Dropbox.lnk = AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: Fences.lnk = C:\Program Files\Stardock\Fences\Fences.exe O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock Plus\ObjectDock.exe O4 - Global Startup: ColorVisionStartup.lnk = C:\Program Files\ColorVision\Utility\ColorVisionStartup.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra button: Résumer - {0F2D17A0-E7DF-4847-995B-6F3ABF5BF187} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL O9 - Extra button: Flash Capture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\Program Files\Flash Capture\fciext.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU) O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O17 - HKLM\System\CCS\Services\Tcpip\..\{BDA1F7D7-0CB0-447F-B9B5-0E79420F7159}: NameServer = 178.33.41.181,46.4.70.20 O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - (no file) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: c:\progra~1\saveby~1\sprote~1.dll O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Expérience d’application (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe O23 - Service: Service de la passerelle de la couche Application (ALG) - Unknown owner - C:\Windows\System32\alg.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Identité de l’application (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Informations d’application (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Gestion d’applications (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Arts-ftp - Unknown owner - C:\Program Files\Arts-serveur\ftp\SlimFTPd.exe O23 - Service: Arts-mysql - Unknown owner - C:\Program Files\Arts-serveur\mysql\bin\mysqld.exe O23 - Service: Arts-serveur - Apache Software Foundation - C:\Program Files\Arts-serveur\Apache\bin\apache.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Audio Windows (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe O23 - Service: Programme d’installation ActiveX (AxInstSV) (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service de chiffrement de lecteur BitLocker (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Explorateur d’ordinateurs (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de prise en charge Bluetooth (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Cobian Backup 11 Service « Volume Shadow Copy » (cbVSCService11) - CobianSoft, Luis Cobian - C:\Program Files\Cobian Backup 11\cbVSCService11.exe O23 - Service: Propagation du certificat (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - C:\Program Files\CyberGhost VPN\CGVPNCliService.exe O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Défragmenteur de disque (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Configuration automatique de réseau câblé (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de réception Windows Media Center (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: Service de planification Windows Media Center (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Hôte du fournisseur de découverte de fonctions (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: File Lock Service (FileLockService) - TopLang Software - C:\Windows\system32\FLK.exe O23 - Service: FLService - NewSoftwares.net, Inc. - C:\Windows\system32\WinFLService.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: GoodSync Server (GsServer) - Unknown owner - C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe O23 - Service: GSService - Unknown owner - C:\Windows\system32\GSService.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Accès du périphérique d'interface utilisateur (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Gestion des clés et des certificats d’intégrité (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Écouteur HomeGroup (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Fournisseur HomeGroup (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Technologie de stockage Intel® Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: InstallClick Connector (InstallClick) - Unknown owner - C:\Program Files\RIFT Technologies\InstallClick Connector\installclick.exe O23 - Service: Énumérateur de bus IP PnP-X (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Assistance IP (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kinoni Service (KinoniSvc) - Unknown owner - C:\Program Files\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe O23 - Service: Service KtmRm pour Distributed Transaction Coordinator (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: Mappage de découverte de topologie de la couche de liaison (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Assistance NetBIOS sur TCP/IP (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Service Media Center Extender (Mcx2Svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Pare-feu Windows (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Coordinateur de transactions distribuées (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe O23 - Service: Messenger Plus! Skins for Facebook Service (MsgFBSkinsPlusService) - Yuna Software - C:\Program Files\Yuna Software\Messenger Plus! Skins for Facebook\MsgPlusForFacebookService.exe O23 - Service: Service Initiateur iSCSI de Microsoft (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Windows Installer (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: Agent de protection d’accès réseau (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Connexions réseau (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service Liste des réseaux (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Gestionnaire d’identité réseau homologue (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Groupement de mise en réseau de pairs (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’Assistant Compatibilité des programmes (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: PDF Architect Helper Service - pdfforge GbR - C:\Program Files\PDF Architect\HelperService.exe O23 - Service: PDF Architect Service - pdfforge GbR - C:\Program Files\PDF Architect\ConversionService.exe O23 - Service: BranchCache (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Journaux & alertes de performance (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service de publication des noms d’ordinateurs PNRP (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Protocole PNRP (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Agent de stratégie IPsec (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Alimentation (Power) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Expérience audio-vidéo haute qualité Windows (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: Gestionnaire de connexion automatique d’accès distant (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Gestionnaire de connexions d’accès distant (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Routage et accès distant (RemoteAccess) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Localisateur d’appels de procédure distante (RPC) (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Stratégie de retrait de la carte à puce (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe O23 - Service: Sauvegarde Windows (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Ouverture de session secondaire (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Brillance adaptative (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Configuration des services Bureau à distance (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Partage de connexion Internet (ICS) (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Interruption SNMP (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe O23 - Service: Splashtop® Remote Service (SplashtopRemoteService) - Splashtop Inc. - C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe O23 - Service: Service de notification SPP (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Découverte SSDP (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service SSTP (Secure Socket Tunneling Protocol) (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Splashtop Software Updater Service (SSUService) - Splashtop Inc. - C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe O23 - Service: @%SystemRoot%\system32\stlang.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service de stockage (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Fournisseur de cliché instantané de logiciel Microsoft (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe O23 - Service: SyncoveryVSSService - Super Flexible Software Ltd. & Co. KG - C:\Program Files\Syncovery\SyncoveryVSS.exe O23 - Service: Superfetch (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Panneau de saisie Tablet PC (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Téléphonie (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Services de base de module de plateforme sécurisée (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: Services Bureau à distance (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Serveur de priorités des threads (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: Client de suivi de lien distribué (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Programme d’installation pour les modules Windows (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe O23 - Service: Tweak7SystemService - Totalidea Software - C:\Windows\system32\Tweak7SystemService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe O23 - Service: Redirecteur de port du mode utilisateur des services Bureau à distance (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Hôte de périphérique UPnP (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Disque virtuel (vds) - Unknown owner - C:\Windows\System32\vds.exe O23 - Service: Cliché instantané des volumes (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe O23 - Service: vToolbarUpdater12.2.6 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe O23 - Service: Temps Windows (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service de moteur de sauvegarde en mode bloc (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe O23 - Service: Service de biométrie Windows (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Windows Connect Now - Registre de configuration (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Système de couleurs Windows (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service hôte WDIServiceHost (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Hôte système de diagnostics (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: WebClient - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Collecteur d’événements de Windows (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Prise en charge de l’application Rapports et solutions aux problèmes du Panneau de configuration (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de rapport d’erreurs Windows (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Windows Defender (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de découverte automatique de Proxy Web pour les services HTTP Windows (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Gestion à distance de Windows (Gestion WSM) (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de configuration automatique WLAN (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Carte de performance WMI (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe O23 - Service: Parental Controls (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Énumérateur d’appareil mobile (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Windows Search (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service de configuration automatique WWAN (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 32425 bytes
- le 2 avril 2013
- 23 réponses
Apparemment problème détecté [sujet bloqué]

jg92 a répondu à un(e) sujet de jg92 dans Analyses et éradication malwares

Voici le les deux premiers fichiers, merci encore de votre aide, cordialement # AdwCleaner v2.115 - Rapport créé le 02/04/2013 à 13:33:30 # Mis à jour le 17/03/2013 par Xplode # Système d'exploitation : Windows 7 Professional Service Pack 1 (32 bits) # Nom d'utilisateur : bureau - BUREAU-JACK # Mode de démarrage : Normal # Exécuté depuis : C:\Users\bureau\Desktop\adwcleaner (1).exe # Option [suppression] ***** [services] ***** ***** [Fichiers / Dossiers] ***** Dossier Supprimé : C:\Program Files\SaveByclick Dossier Supprimé : C:\Program Files\VideoDownloadConverter_4z Dossier Supprimé : C:\ProgramData\clsoft ltd Dossier Supprimé : C:\ProgramData\InstallMate Dossier Supprimé : C:\Users\bureau\AppData\Local\PackageAware Dossier Supprimé : C:\Users\bureau\AppData\Local\VideoDownloadConverter_4z Dossier Supprimé : C:\Users\bureau\AppData\LocalLow\blekko Dossier Supprimé : C:\Users\bureau\AppData\LocalLow\Conduit Dossier Supprimé : C:\Users\bureau\AppData\LocalLow\VideoDownloadConverter_4z Dossier Supprimé : C:\Users\bureau\AppData\Roaming\Mozilla\Firefox\Profiles\7e9m7qfk.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com Dossier Supprimé : C:\Users\bureau\AppData\Roaming\Mozilla\Firefox\Profiles\7e9m7qfk.default\jetpack Dossier Supprimé : C:\Users\bureau\AppData\Roaming\Mozilla\Firefox\Profiles\evj5l8x5.default\extensions\staged Dossier Supprimé : C:\Users\bureau\AppData\Roaming\Mozilla\Firefox\Profiles\evj5l8x5.default\jetpack Dossier Supprimé : C:\Users\bureau\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.jacques\extensions\4zffxtbr@VideoDownloadConverter_4z.com Dossier Supprimé : C:\Users\bureau\AppData\Roaming\Mozilla\Firefox\Profiles\olccfdgk.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com Dossier Supprimé : C:\Users\bureau\AppData\Roaming\OpenCandy Dossier Supprimé : C:\Users\bureau\AppData\Roaming\pdfforge Fichier Supprimé : C:\END Fichier Supprimé : C:\Program Files\Mozilla Firefox\.autoreg Supprimé au redémarrage : C:\Program Files\Common Files\AVG Secure Search ***** [Registre] ***** Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar Clé Supprimée : HKCU\Software\AppDataLow\SProtector Clé Supprimée : HKCU\Software\Iminent Clé Supprimée : HKCU\Software\Microsoft\ClaroDirectory Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} Clé Supprimée : HKCU\Software\SmartbarBackup Clé Supprimée : HKCU\Software\SmartbarLog Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{1005247F-A178-490A-8DC3-6BAF09EA427B} Clé Supprimée : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Clé Supprimée : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B Clé Supprimée : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\halffneccaebicfdfajnbfgpglahfgoe Clé Supprimée : HKLM\Software\Iminent Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASMANCS Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\blekko_1311013_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\blekko_1311013_RASMANCS Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings Extension_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings Extension_RASMANCS Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings Extension-InternalInstaller_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings Extension-InternalInstaller_RASMANCS Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings_RASMANCS Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings-InternalInstaller_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings-InternalInstaller_RASMANCS Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASMANCS Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SaveByClick_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SaveByClick_RASMANCS Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5 Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966 Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DA5BD2D3CA2D6943A1A233CD3F88CE7 Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375 Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC9EFC5C3366B4DB850DAB49330C52 Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7 Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078 Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7E98451C7CA808F47AFE467BDABD02FA Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BFD11FD45FC7B9E46A8F4B69F3A66E35 Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5979AD63CA2D6943A1A233CD3F88CE7 Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF9BD2952384A9C49B4A5D3D95329890 Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FABA2A33488410A4AA40489BD2224282 Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B Clé Supprimée : HKLM\Software\SP Global Clé Supprimée : HKLM\Software\SProtector Valeur Supprimée : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] ***** [Navigateurs] ***** -\\ Internet Explorer v10.0.9200.16521 Remplacé : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=FR&userid=fe2250e0-5f69-40b1-8370-63785c81572d&searchtype=ds&q={searchTerms} --> hxxp://www.google.com Remplacé : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=FR&userid=fe2250e0-5f69-40b1-8370-63785c81572d&searchtype=ds&q={searchTerms} --> hxxp://www.google.com Remplacé : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=FR&userid=fe2250e0-5f69-40b1-8370-63785c81572d&searchtype=ds&q={searchTerms} --> hxxp://www.google.com -\\ Mozilla Firefox v19.0.2 (fr) Fichier : C:\Users\bureau\AppData\Roaming\Mozilla\Firefox\Profiles\7e9m7qfk.default\prefs.js [OK] Le fichier ne contient aucune entrée illégitime. Fichier : C:\Users\bureau\AppData\Roaming\Mozilla\Firefox\Profiles\evj5l8x5.default\prefs.js C:\Users\bureau\AppData\Roaming\Mozilla\Firefox\Profiles\evj5l8x5.default\user.js ... Supprimé ! Supprimée : user_pref("aol_toolbar.default.homepage.check", false); Supprimée : user_pref("aol_toolbar.default.search.check", false); Supprimée : user_pref("extensions.BabylonToolbar.prtkDS", 0); Supprimée : user_pref("extensions.BabylonToolbar.prtkHmpg", 0); Supprimée : user_pref("extensions.spamfreesearch.hmpgUrl", "hxxp://blekko.com/ws/?source=5f97ddbe&tbp=homepage&u[...] Supprimée : user_pref("extensions.spamfreesearch.keyWordUrl", "hxxp://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=[...] Supprimée : user_pref("extensions.spamfreesearch.prtnrId", "blekko"); Supprimée : user_pref("extensions.spamfreesearch.srchPrvdr", "blekko"); Supprimée : user_pref("extensions.spamfreesearch.tlbrSrchUrl", "hxxp://blekko.com/ws/?source=5f97ddbe&tbp=main&u[...] Supprimée : user_pref("extensions.wajam.affiliate_id", "5921"); Supprimée : user_pref("extensions.wajam.firstrun", "false"); Supprimée : user_pref("extensions.wajam.log_send_info", "false"); Supprimée : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21085\",\"supported_sites\":{\[...] Supprimée : user_pref("extensions.wajam.no_trace", "false"); Supprimée : user_pref("extensions.wajam.server_current_mapping_version", "0.21085"); Supprimée : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABE[...] Supprimée : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME[...] Supprimée : user_pref("extensions.wajam.trace_log", "1361616556070 - processInstallationUpgrade - version set to[...] Supprimée : user_pref("extensions.wajam.unique_id", "E96C3CFA1B2F489320003D91D6ED432D"); Supprimée : user_pref("extensions.wajam.user_current_mapping_version", "0"); Supprimée : user_pref("extensions.wajam.version", "1.26"); Supprimée : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", ""); Supprimée : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", ""); Supprimée : user_pref("sweetim.toolbar.previous.browser.startup.homepage", ""); Supprimée : user_pref("sweetim.toolbar.previous.keyword.URL", ""); Supprimée : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); Supprimée : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", ""); Supprimée : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", ""); Supprimée : user_pref("sweetim.toolbar.searchguard.enable", ""); Fichier : C:\Users\bureau\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.jacques\prefs.js [OK] Le fichier ne contient aucune entrée illégitime. Fichier : C:\Users\bureau\AppData\Roaming\Mozilla\Firefox\Profiles\olccfdgk.default\prefs.js [OK] Le fichier ne contient aucune entrée illégitime. Fichier : C:\Users\bureau\AppData\Roaming\Mozilla\Firefox\Profiles\s3nzdsn1.jack\prefs.js Supprimée : user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers"); Supprimée : user_pref("extentions.y2layers.installId", "98b598e7-c573-4c43-95bb-f03a88a64d2c"); -\\ Google Chrome v26.0.1410.43 Fichier : C:\Users\bureau\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] Le fichier ne contient aucune entrée illégitime. Fichier : C:\Users\gaelle\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] Le fichier ne contient aucune entrée illégitime. -\\ Opera v12.14.1738.0 Fichier : C:\Users\bureau\AppData\Roaming\Opera\Opera\operaprefs.ini [OK] Le fichier ne contient aucune entrée illégitime. ************************* AdwCleaner[s6].txt - [15961 octets] - [02/04/2013 13:33:30] ########## EOF - C:\AdwCleaner[s6].txt - [16022 octets] ########## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.7.9 (04.01.2013:1) OS: Windows 7 Professional x86 Ran by bureau on 02/04/2013 at 15:00:59,62 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\windows nt\currentversion\windows\\AppInit_DLLs Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchurl\\Default ~~~ Registry Keys ~~~ Files Successfully deleted: [File] "C:\Windows\system32\turegopt.exe" ~~~ Folders Successfully deleted: [Folder] "C:\Program Files\driver-soft" Successfully deleted: [Folder] "C:\Program Files\free youtube downloader" Successfully deleted: [Folder] "C:\Program Files\video download converter" Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{004E7F2A-530C-4E4E-9CA0-688636F6A6EA} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{006DD1D8-30D4-4174-A33F-03B776CF86A0} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{008490AE-880A-4159-BB59-D7B6FAFE683E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{00F4AED1-6E25-41E5-840C-079A11BD7DD6} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{01258996-288E-42F3-BE53-A8BE3488E1A6} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{014822F5-EC79-4651-8AC2-98DF0248D98D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{016B6F89-B87C-4659-B2A2-F8DC304C6A11} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{0172C0CA-2D4F-4AD8-A139-17D329D6A3C5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{01EA9D14-DD07-4F71-B107-A154D776300E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{021EF248-7A08-4146-8A2C-A202B2543D7C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{02392674-F88D-4C58-AA1B-F5D3C239D336} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{0281676B-87ED-4C09-955C-95CE45B3C6A6} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{03D9837C-AEC9-4070-BF37-F6E7D38FD051} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{042AEB98-740C-493F-9945-63987F949B93} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{04465AB6-AE7F-4FBD-A9AA-2DBD59D30FD3} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{04C56B45-476C-4B7E-AFD6-71D09CD3548D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{0500E13F-B6B7-4818-85A9-E0FFB8F41295} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{05B966ED-8649-4C91-BE5B-6B55860405F3} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{068AAFBC-30A1-4F1F-826D-61BE74422B85} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{06C39E47-731C-4A23-9CA0-973BB9C62BCA} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{06F3A145-909A-4BB1-9E5A-B32DF55A3FE0} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{075A802F-FDBD-4640-8388-FD2D085E8F04} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{079E70F1-77A7-4274-81DE-7331E568306F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{092A4EE2-2302-42DE-92AD-39497BB5F3DB} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{096757FD-63B5-4643-83DE-1C70D23D0CA3} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{0995AEC6-006F-44B2-95BE-E6384030B286} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{09DCEB05-9709-47D4-B62B-3DE2328A8578} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{09FF3004-5BDB-4EE4-B734-68F3E1C24D80} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{0A07CB6F-8981-49F1-8C66-F6CB95386EA9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{0A3F8704-0714-40B8-9E4B-520485046ED7} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{0A85CE02-5ABA-4F88-B944-1C00E2EBDB86} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{0AAB596F-1942-464A-917F-A48F3D0F6BBB} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{0AD560B1-79C3-425E-B4D2-FCD6513DB182} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{0B7058E3-C702-45B4-85AB-84AF92E81514} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{0C88049F-DD51-41EF-91E3-59920F9F3AE0} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{0CABDD9C-5717-4B07-A3F6-D72A37A274E4} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{0E083ACE-5211-4A04-BB10-4D2EC2A4BDB2} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{0E250A86-9A92-4153-919D-AAA13E2809A1} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{0E6F4C56-E1E7-4922-B172-54B7839A2516} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{0E7B08F6-33D9-4F50-B39A-8D6F970F123D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{0FD1197E-ED74-40CF-ABE2-930FC3735BBA} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{0FE91C0E-4D2C-419B-889F-28E000BB16CB} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{0FE93F7F-A323-43AA-89A9-550FCF143437} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{0FF5F691-0853-4951-9157-DF7EB2FDD240} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{108275CC-9A71-4EEF-805E-B7EB1CA26C83} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{108597F0-0CA1-4BEB-8A33-BEFF4444F1E4} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{10BE4AC4-1743-42B7-829C-16C900DFF969} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{10E7D428-1CE4-429B-88A8-A295428A6D6C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{10EE97A2-7C6A-4197-A671-85137310A1B0} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{10F0A688-13C6-4BF9-A096-E2E061E15037} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{113B3E39-5F7B-40ED-9CCC-3A7F55575A5A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{1180C91E-517F-4079-B861-D0501D7B9CBE} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{11A35CF9-DAD8-41E9-AB7A-9E5881F9F751} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{11C528D6-77BD-4A38-8A4C-FC02980702DA} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{11F28E37-0705-484A-A7C5-D1AFCA94976D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{12201FC3-A4E5-4DEF-9508-874CBCB01F25} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{130DB008-91CA-4653-9E62-A77DBCA86452} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{131563FE-34CD-4B73-9B6D-E9A95AC25D49} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{13F6706C-4463-42B9-86F6-DA8801DDAB29} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{142C8104-0172-47FA-83F7-A2CD6310B581} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{147FF720-B38B-47ED-AB1D-D3EC18D87EB2} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{14FC4482-F67A-477E-AD60-CFBEE0008172} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{155129D2-1A31-4578-94A3-CB3B858AFBF9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{15B40851-9A02-4EDA-9677-32D3E597E7E9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{15BFEE9E-651C-411B-A63F-36A2B72C9776} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{15EDFA3D-76CC-4D73-B6EE-40AFDAE04719} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{16937C4D-2ECC-433F-9F59-CA071306B6FD} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{16B9CF2A-61AD-421E-8A22-F1166D45A65A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{16C52FE1-797F-4745-B8BA-5808F00F56D4} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{17458139-E7D8-466E-B628-CDA5BD606CDA} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{17ADBC76-7F33-43C7-B993-CC3CDD65E1E4} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{196D56B9-6211-4398-9860-1F637CBB4AE9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{19CA86E5-4AD5-4797-90E0-F479CE6326C1} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{19F009D1-9B6C-400D-A2EE-F33705F504C9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{19F78034-D60E-4ACD-8120-CCA53DB9C6B4} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{1A1563E0-12B5-49D0-BB47-51837195E2A7} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{1A6FAA84-EF28-4CEB-8B3B-08CD919E994E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{1A7DBE31-86D5-4133-9970-B024188C3D15} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{1B2582AD-4386-4C9F-AB6E-2F7FAA81B210} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{1B5837C8-FA46-4249-B117-7BB6899844EE} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{1B9460ED-8184-4AE9-B8EE-FEF37ECA187A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{1BB3F4F1-A51B-4EBD-8F42-13E2A65A420E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{1BF8F894-6F30-4913-8BB8-3A2F5FA24351} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{1C3F4868-7A01-4FD0-826F-D2CEDBD73AAE} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{1C9AFAA6-B8A5-4C61-B5E2-ADCBFEEAC629} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{1DB8D57A-3E20-4EA2-BEA2-7E7846DE92D1} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{1DE9D1F1-CCFF-495F-BACE-C48787D8C35A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{1E2CBE13-4318-450C-9943-50A984756694} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{1E353A76-927E-4734-B1D9-4239AF9D562F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{1E75F4A8-3D63-4CD2-A564-6EDF50059BCE} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{1EA2E290-0ED7-424E-9A8D-F9E90F0E4A52} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{1F0C15CF-3A4A-4160-99E6-05D51316E7CC} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{1F8C446A-17F8-49AF-9181-E082B46D568F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{1F9AB3D7-E4B8-4376-83B8-DA2AF8334C61} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{2065F8B1-BA64-44F5-AC3E-A1EC5376F44E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{215C3C7E-76D8-4E52-8047-8DA08D6BF5D2} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{21742658-5CD7-41DC-B51B-956975709AC6} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{219A28BD-E8DA-4A3E-BD75-FEAAEDB0241C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{2235FE88-0050-4CC0-A07F-D0E0A87BDE89} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{22B710F3-4F30-4E8F-B7CC-C7440D4F2D3C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{22B92347-76C3-4817-A6D6-7AAF5FF202CA} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{22BACB48-52D5-4254-93A6-197387C771D9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{230A4F28-DB51-4D85-8DED-778D53D4B424} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{23FF6201-CDC5-42FC-99F7-7D9A5ABFF82F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{246E5A65-AEBF-4E04-9D5E-033D9BD220F8} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{259B97B1-5783-41E2-98E2-8D24FA078401} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{263D32F1-F29A-4307-B83F-DB6F57FF77D7} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{26DDEFE1-B522-495F-8818-DEBE8F0BB23A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{26F135B4-8642-403F-B882-9158E40DE990} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{26FBF23E-6788-4967-8864-D7AE4361D501} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{28A90879-1D28-49CB-AA8C-D5D049847394} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{297E4895-60CA-4784-B2B4-520D73522F64} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{29FB210A-3B4A-4C2A-868C-4DE484D91BAD} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{2A0D27E8-E0F7-4258-BE5A-107E4AB8A6DC} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{2AB57C9F-5835-4C0B-BC46-83EC05CC2C81} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{2AE3A640-C798-42D3-9EBB-AC26FD17DE03} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{2C31552E-F6E4-424E-A1B3-AB414DC396DF} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{2C34B5F1-1F76-4058-B269-3C62BCCDDBB3} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{2C3F22EC-4AE2-47B9-9F22-9BF296C161D6} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{2C8740FF-099F-4A8B-B270-3A9DF4734F2E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{2CE1B5FE-72F6-4A83-B7AB-14E304912FC8} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{2CE7BAF8-F054-4CB3-92D2-3114BB562366} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{2D14414E-C9E9-4D8A-8490-21CD08AAD674} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{2DC8CDDE-EB94-4B48-A9F1-BB5EAE973B8D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{2DE27513-89B7-48DF-AED1-A1CE75873899} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{2E51FB6F-99E1-4CD4-8DC4-E61F4F31261D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{2EC381CC-D728-467C-8210-D2CB78F926B9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{2F818BF3-E38D-4981-B637-59A5E8D21BB0} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{2FBE77AF-75E2-4A94-A544-260EEE3C2A7C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{2FCB2776-C20A-44B4-A0A1-47F626B0635E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{3027F41B-9BE4-490B-84EA-252101F091A7} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{302DBB74-DEE1-4AD5-8D99-725C25553585} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{30334308-940A-4BBF-82DE-3BC5B2F51320} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{316C32BF-9300-4BAB-A92F-2E3AB9EFD547} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{318B651D-2D45-4F89-9AA5-7DFC79E3BDA5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{323E39D2-3364-4642-B224-C570679C840C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{32B11903-A0F0-4CCF-8537-856ADDC8A61B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{32E023F7-E82F-4A6C-B698-DF6B8277FDD9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{335A6611-2A3C-4EEE-AB3E-BF78CEFF9CCD} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{338023AD-58A8-4543-8F3B-B5B4E06A1514} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{343456EB-BC5A-4AA1-A48D-899653C7AAF1} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{345E6CC7-4B5B-4B67-B067-A52C0F0C54B9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{34839C60-B5DB-493F-9276-1FE9FA05A0EF} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{352B064F-64EE-447D-A78F-13B0BCECD218} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{355CFE01-D389-499F-B3E5-31F7D885B03C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{35AA897A-4BBC-458C-93B5-781D3AF44AEC} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{36A007E7-047C-45B4-97C6-155147DB7DFD} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{373AFCA5-EE7E-4084-9C59-0DD0AEEC7A5A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{373D255D-55D2-40AB-82B9-CAE3081D96D6} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{374AD60E-0B03-4E9E-945D-F48BC5CD304F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{37658160-9B32-4823-9BB5-F4C774DE8882} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{378012FC-D78C-4A7F-ADE2-5D035E51184E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{3797B93E-1AC4-487A-81FE-F9608DCD6474} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{37C70E49-C8CF-4388-A2BE-90A13BB298B2} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{37F2E9A8-3A4F-4E81-91CF-72DA69932BDE} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{3813BDB3-5463-486F-86E7-705A49ACC94A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{38735113-7B8C-4009-BDE3-D39B86AB81A5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{39591EDA-4623-4950-B57E-90EC925B4089} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{39C2EC62-0F1E-4BA8-9595-C21868FD06E4} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{39C98E9F-2F3D-43ED-9DDF-4EAD689867DE} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{39ECB410-CC82-4BD2-A6C0-4A91C11A0F3F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{3A014595-E055-45C5-B7FE-B4ED05F87307} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{3A47DCA6-53B9-451D-8299-61517956D0EE} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{3AD26EE2-6094-4043-8AC0-2409249C5D0C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{3B895D19-62D6-4222-BB5F-7D58424DB0BA} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{3B95D2FC-EA69-48E0-9B5D-646904D09A54} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{3BA6F5D4-1D8E-4C77-939A-953EE3AE99CD} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{3BE45FFA-DE43-4A4E-9B7D-81ACB62452FB} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{3C0C1627-7DA8-436D-809F-A16650539868} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{3C1DA05E-95AB-4606-8B21-AFF11553330C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{3CBEE725-D4B2-4E0A-9505-161527BF87C6} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{3D2E44BF-A5BC-48C2-B0B3-A51B3BED1476} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{3DD4226B-0B6A-41D3-9C58-B13D3C94F13E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{3DFA01AE-4F56-49A1-8978-4A35713CC84F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{3E0D9183-E740-4874-AC73-206FAD485408} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{3F31A404-FCFA-40C1-AE6F-1E3909C6F03B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{3F3B761F-51EC-48A0-8F1A-7337B5BB747E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{3FA211BA-6C58-4DF0-A93F-C6B49069264C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{3FEF91BC-7D99-4687-A825-F2D083562BB1} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{40028919-ADE3-4C75-84DF-DD22172F359F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{401DCE08-AC66-45FB-A1CF-D9AEE0A0659C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{40EA55E4-CA8F-43C5-B986-D1C108498F56} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{41578F0E-08A9-4284-9C05-571CCBC07727} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{417D315D-FD3C-4293-9A37-F974BE81FA94} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{423AA093-9F05-4EFD-84D3-653C3916E29D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{42C5AC80-EBA1-4908-B889-B99E9951A00C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{42F4906E-FD32-4423-83B4-79F0D8F04A56} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{439533C2-7E74-414F-8A37-3F4DDA658C93} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{449A8372-2A1C-4595-AFDF-61E2E131AC4D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{44F0EE2F-7549-466F-BEAA-C0407200FF36} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{452B808E-2A75-4385-8CFB-3ACA6F88D9B0} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{45335AC3-E48F-4FD1-895A-23F0751F2375} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{45E5DCB2-4735-4E19-96B1-26B2AE8A0ED4} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{466B4838-AE89-40F1-962F-DA343EB3AA2D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{46F1B6B8-F29D-448E-B74C-6CF683249D64} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{48E06832-2F5C-4D2F-8672-DB6138B9190C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{48E79061-44D5-4F31-AE8C-73321AA552AB} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{48F7C706-7EEC-4BD2-A29D-300AEFEA6ECE} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{498C4EED-677B-442C-BD59-F3FB12A06C5B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{49986F04-EEDD-48C2-BD03-6CFC99759D4C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{49AE456E-B43C-4C31-B100-78EDFB07CE0A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{49D80D7D-D6BC-4612-BD99-2EE7351F888A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{49FC2399-BDD8-43FF-AEB6-9F4DEF62A31A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{4A8EB353-3B76-42EE-AD9A-51D665DD88F5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{4A9A13BA-986C-4612-B29E-7251486110BF} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{4AF77E44-4AF6-4F06-97C0-94213D54B122} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{4B4A6582-1E16-4686-B928-4ACEB19D6276} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{4B4C69AF-AF21-4C54-A228-ED18085B12C3} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{4BB6BAF7-5049-4A0D-B416-A398AE72148E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{4BFD3EDC-7995-45E6-ABEB-C92B0634B6F2} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{4C2767EF-FD8C-4F6A-B32A-015A224ACECA} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{4C30F966-9783-4CEC-B1C5-431DB6047D16} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{4CB86A96-6DB5-4B22-94EB-7EF15203BACD} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{4E975EC7-8C07-42FF-880A-761E1FF882DA} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{4F1DC489-9CD4-4EBD-9B4D-36551668A2E4} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{4FB4803E-5ADB-4B26-9AD3-2823C7026E62} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{4FEB8808-86FF-4239-AA83-C02FDD830BB9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{50770CA6-EE46-4069-9061-C1DC6ED95033} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5173951C-32E2-48C4-BFF9-9F0E56898E68} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{51B1B2F2-494B-4331-A223-AEC4D633FAEC} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5230AEA5-FFB5-41AE-BCA1-1B67291B3F1E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5250A76E-6EAA-4179-9BA1-0938A258C042} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{53F247E0-7A7C-4177-903F-FE64638C623B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5402AC67-808C-4F42-82E8-EADEB703DB7A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{54BBEF96-1253-4926-AA34-30BCB8341A20} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{54EBC532-6DE6-4985-8B19-E80D5995A055} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{54F446F9-C455-4C86-95D3-6EC2F8C7ED97} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5571E888-2183-4B90-8F1F-46025BE3D575} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{55C8F5E2-4402-484A-80A7-4A2B19366B4B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{55EF3D00-F44C-485F-AA67-8C5BD001D3EA} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5672BA54-49E5-4465-B60E-0689E6AB28F5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5709D8E4-BBC9-485B-9CDC-39B60C86CEB1} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5818AE81-AA32-46B4-9CD7-10D77E4B9F56} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{58299F9C-7A96-4BF2-A333-AC4E86890418} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5840FC4F-D74A-4FA0-BD91-5F9E9A1B9D9A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{589CAF37-3EF2-46CD-BF88-F1D5C6E93D3B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{589F6412-E321-430C-A17D-D44F77B87B04} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{58A90ADB-1A4A-4223-B4C0-BA30122AC71B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{58ECF538-BC00-4C76-BBED-D247B7DE5818} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5921D07B-CBCE-48E3-8139-AE7AACA79544} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5927CA57-9FD5-40E6-A822-74A6AD4D00D9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5972FE36-C376-40A0-8FCA-EA1A8CE96080} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5A003B77-F743-4AFE-AA2A-5759F64212E0} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5A35C1A2-7BD6-43C9-BCA5-85391868001A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5A94DE96-3B60-4F7B-B30C-B20255ED8196} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5A9C5954-7B66-4D22-A0EC-B7AF898BA187} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5AEF0619-DAC4-4DA2-A6CD-6C8E8179C84A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5B681BB0-963C-40A4-87FF-9D8521B25B28} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5BE65DB2-4C7A-4CB6-927F-7F6DCCA90600} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5C1EA757-CE20-4AC2-999A-9EA93F7F9287} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5C4A6029-5D49-45A1-9110-C9EBE2A289D6} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5CF8957F-E09C-46F7-9D1A-DFF0E2E56636} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5D1AB176-6244-4729-B93A-0727B802D522} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5DD2C3B2-E780-4C9F-8D18-5B585C3A6204} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5ED327C0-84D6-4B91-A53B-FF95350ADDEB} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{5F68A344-C3F9-4351-986C-A406071E97E5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{600FE833-BF35-4200-9985-FD96C193B03A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{605754B7-B2FB-44E3-95E6-868A9D6A8235} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{60AE3E8C-D570-4196-8C65-0E51B8D610D6} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{60DD331B-A453-4BCF-B45B-B05F0FFFFFD5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{60E28EB7-27A6-41C1-9F00-E2CAED84302A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{62B4CF08-B75B-43C2-B5E4-38ABA8D02046} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{62D78824-2003-40F0-95EA-385BE3D0C823} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{63165A3A-3007-41BD-9805-DCE3AC195184} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{6329A359-400E-4227-9AF3-FED60C6BAB6D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{635080D8-30A4-423F-B323-511B30F3B55E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{63702758-8681-436F-A8DE-54729AC77789} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{63AA4FEB-E380-435B-A7A7-1D390EEDB584} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{63FB5BC2-F89F-4467-8EC3-29690A746C74} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{64781DAA-7490-44D5-A243-5A5B23D78D43} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{64AE9E6B-42DC-4FF1-899B-06E7D3D49865} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{64CB5377-36BF-4F19-8FD9-7FCA8A964905} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{664B39E4-FC80-4744-86F7-1F59545CD2D2} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{66C82F68-1110-44FC-8DB8-BC6001733655} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{67046BB2-6AC4-4C75-86D4-9E04CC528A54} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{671F3360-DBCA-426C-8D44-1D14390808C9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{67278118-662E-4A1C-9193-8648B67C4A8F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{67BAA873-796D-4488-A93B-FC475B5FDCEE} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{67BB48EA-5DC9-4B43-940D-AFA42F89A92C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{68AFF647-1899-4D27-B446-9D59137CCE1E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{691E532F-3E79-4427-9524-49023C5092DE} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{697A1192-0DFE-4A0F-916C-0D7518604DA7} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{6985E805-C4CE-48CE-8AEE-FB9DCE1EBAC8} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{69C14D10-988D-45BC-AE58-D0A135ED6FE9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{69E21356-7B66-4035-A533-756B40765BC4} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{6A1C9E33-73E6-453A-9901-F624312F4554} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{6A350DCA-5A84-455F-A7B8-B08CF4BF54C5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{6A512A1B-2F9A-4E95-8F23-4514BD28602D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{6A54FE0B-3857-4696-9BA5-0CC8B5BE49B6} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{6A565A25-06AD-4A87-9E19-9F27000C9C00} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{6ACF4FD5-B1DD-4DAE-84AA-2D4F43F1A521} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{6B3EA8B2-32A5-4F73-B680-29C418AB7033} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{6C69CD71-A358-4D67-BAC4-602859235E71} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{6CA5C478-0E7C-493B-90A8-D6058CD548C5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{6D13800B-3163-4E31-AC60-64E8F08FA04D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{6D54E8D4-F0DA-458D-A3BC-2A308E4E8CFD} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{6D65D66D-6FAF-44D2-B880-5B45893D901F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{6D6B4484-5274-4C2B-92BB-1F14CDAD7C52} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{6D75F37C-4A5C-4AA3-B63C-ECA96505FCD7} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{6D90485B-FDE6-4A06-8B04-D10FED48BF5A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{6DCB6974-6264-40BC-9CC4-35F2F7099D62} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{6E088588-03DC-4B66-9E6C-FA4FD5E02057} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{6E20D697-B55D-451F-BAF9-FD624A92D64E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{6E28A6CE-65E3-4ECF-9B48-F4A17CA069AE} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{6EA67CDB-D5BD-4979-A0C9-A61B09E6BE67} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{6F906A29-A1A7-4427-A1D7-737642F59D83} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{70026496-6CDF-495E-8301-34643360FF78} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{70137D3B-3B63-4E81-802B-2095A6D7636C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{70D8D446-5360-4314-9DE0-9A1FB730E564} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{70E15660-1033-4F87-B21A-CCED8D9B3C39} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{71302D6C-BE68-4E6B-9D13-217FE48C3050} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{71CCE18D-9B44-4589-9EB2-0DBC2EA4E9C6} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{730E866A-2DCE-4EB0-8656-E7B2AA7BB137} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{7340F1BB-EBAB-43FD-AA9A-55FAFE03E1E6} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{7399177C-5B47-44AC-81F3-B1D602FE2FF6} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{73B486C0-CA63-4864-98AD-0F8F5EF7D1EE} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{73B7958F-D2DB-4EAE-8C39-4DD11CF49EF3} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{73F55567-74A6-4D94-A99F-92D6497330CD} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{74E4BBBC-5028-42EE-9BDB-543ECED6601F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{74FD3D8F-D6D2-47F5-B8FF-059AC300E3A4} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{75C291A6-4B6B-46C6-B60F-3964ECB2E960} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{7629AB6E-0116-43F8-B62D-8B74823D11A0} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{772CA05D-5793-402B-8850-84622B8A02A8} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{77BC7499-9B05-45DA-A908-FF54798B06BC} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{780A6C36-6948-4FCF-9347-A9ABBE14683A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{78303CA0-A4B6-4A1E-9B03-6E1E00A21367} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{784CB8AB-DDE3-44AB-A56C-94485D53AB3A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{79384AD9-1ACD-4AD1-8F5F-61709C30995E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{7A1D4652-4AFC-432B-90F6-EE7685B302A0} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{7A52897A-0431-439C-A728-71EFD717746B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{7A534875-133D-4E2C-B785-4ADCFCDCF13F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{7A5605F6-F8C6-41A2-A6FD-937EE3313B1D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{7A87CFF1-B0E2-4944-86B2-807B839DF176} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{7B9B3903-9E6D-458B-88D2-0C621735030E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{7C130FAE-A515-45F9-AFC6-4E1BD66C073C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{7C1546DA-5ACF-41EE-A9C6-28191EF3C318} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{7C262233-87C9-4EBB-9463-AA77FCD48AB9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{7D46DCC5-B0E6-46CB-B419-AE386A57DBF4} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{7D6BA2BB-0413-4196-843C-692D4BB22DE7} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{7D86C0E8-79A9-493F-8092-A12706DC2FE3} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{7DB09E1B-EB0A-4C64-AD83-17D14409F9E5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{7E22C556-380D-494B-9997-BA57F6DE6B09} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{7F339A20-D95F-4E68-A288-BB6E1BEABDFF} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{7F391D2B-AB63-445C-B96C-0DF8A26643C5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{7FF58CEA-BB51-4928-A5E9-B0C107C202A9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{7FFCB39B-C626-44B9-86BA-E84EA56C9C4B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{802F63C0-FD90-4785-8C20-8DB4B1E1F31D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8030B303-B6A7-47B2-9B69-204D5E84D989} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{80CC5009-C707-4C72-A83A-209A8EBB1496} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{810D2382-CD1A-4B5D-B13D-84C263244236} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{81240B33-583C-4C6C-AEDF-0813F56D2BE0} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8131C7E7-581C-4920-BF17-151EE4A327C1} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{818BCCB3-EC09-4AA3-B760-726B450D6429} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{81B37834-8F96-4F02-A70A-82D30A9E71E2} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{81C85BE8-ABFB-4CC6-9959-F4FE494B43CF} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{81E115DF-1264-4F4A-84DE-E50394F3B4BB} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{821BAA27-AAC8-4424-807D-21773003D120} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{82215EC4-0508-440E-B6D3-E677A9096A6A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{826602DE-98CE-436C-8B02-BDFBDDB0D520} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{82EE3DB0-90D3-442A-9D9F-78E9A08F9D49} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{830637F3-A7C7-47BC-A795-3A83CA5D4C97} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8335624F-D2B8-4240-ADF3-C50535EE8093} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{837AD2ED-FDC6-4F22-9504-DF8A5826A4E9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{83B65367-D8CB-4DAE-AC16-EB239E1C6AAD} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{83CC8176-C17B-4158-A428-C752CAC33D3D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8440E834-407A-4D64-97D8-DB8E42AE5365} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{84FBEB7E-0F8F-442B-B815-B9C3C8D7DF53} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{85082BA9-D4D1-4655-81F4-921223DE8631} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8532E428-52F2-4731-A786-E14669C8A147} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{85824BB3-D198-4BB5-B1C4-3F5F4EB6B033} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{85E03A36-4C8B-4152-9E9E-65B25D77F331} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8603ADDE-E8E9-42E4-B182-234EC0131325} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{860AF082-386B-4A95-A079-83C821353CE0} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{860F15D9-73BB-48D7-9D98-387EF6F7ADBD} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{86AD7FAB-786E-4A9F-8BDE-C63FFB9184E7} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{86E12628-E40D-4AF2-96FA-D7CE53C2F2C5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{874E2AF2-7BBD-436F-99A5-8ABCD96B9A59} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{875F0545-1F6A-4204-94FA-87CD5EAA74BD} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{876EF1EB-621C-4F74-B487-293AA04E8A00} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{88743DAA-0762-4D9B-B39F-41E0A3817ED9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{88BE46B5-4FE4-44B0-B317-4A82D3367E6F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{88C5EF7C-CC42-4C18-9046-1E10246CEAB2} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{89995886-8694-4A33-AA1B-85FA67790F51} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{89C9B93E-B003-4BAE-8523-A2F53578AAC3} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{89F3A433-1A15-4321-ACE8-64E036712965} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8A0683F4-793B-4C43-AD96-3353BB62A913} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8AA5A475-C235-4F8B-A897-59455412D81E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8AC00051-3459-4ADB-9B0D-C6D9A53DF36D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8B5F89DF-B402-4920-A2D2-3DE8B716E495} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8B8AC425-307E-46EA-AC7A-64903B7BF590} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8B98DBB1-9315-4EE6-8A76-B4B7E0C009BF} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8B9A6DF3-3DB7-4593-ABBF-2CA1F1D347F4} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8C3798AE-E532-4E0F-9581-EE110C222982} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8C61143A-BD69-4305-B878-A076273F18CB} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8C66C22C-E79B-4081-95B9-DA315E11877E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8C8B2194-6714-47AD-BB99-8BF6DEA1A37A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8CFAB87A-6404-48F6-9454-1FADFF5CC470} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8D55D2D6-20DB-4BFF-A4B5-A014B0A4D3A8} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8D75E061-8FC8-4C80-B406-D1D42049781F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8E68AC0C-D5D1-447D-9774-E0E07CF64D16} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8EC881A8-B066-416C-B992-7E85CBBBF2EB} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8F16BD39-937E-467E-904F-28BB11D71671} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8F16EF2C-0037-40CF-847B-52C94A478E37} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8F7E4492-2AAB-497B-AD4C-9C376C7552E6} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{8FA05320-FC96-4A43-9D31-2895CF11001F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{9026E6ED-30D1-4113-9F56-071A0005AEC9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{902AB00E-AAA9-4B40-A472-C414BF8878FF} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{90813009-F6CD-42F8-AE95-EDDAC33C3879} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{90A03509-E5A4-4959-A8D7-F52B4306609C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{90FC89E5-9C58-4B0D-B708-34795463C51C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{9116E901-00D1-4900-989B-E23910B6AE14} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{917D353E-7767-4FA1-8469-110AA3F45B0F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{91D51697-0CDB-4902-90FF-045CC13FE63F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{92BF9337-D4E8-4493-8E26-AE18D543DF09} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{92D09B09-889F-47A3-8212-A988CECBEB1B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{93182271-1AC8-409E-8505-41E9AB9D4198} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{933A9CC1-2311-4C39-AA5C-474F95703275} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{93DFEB0E-690D-4FA4-A16B-B8FCCFE48CE5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{93E9EB26-BA42-4623-BA66-19D9D8FC5E83} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{948083DC-6B7D-46B9-872B-D353249BF80F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{94C19568-4DA3-4EBE-9816-65CA1004E71C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{954CA1FD-8798-4186-B3AF-F75028FE3723} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{95BB8AD9-B298-4B9C-A71F-0B1290E8FD88} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{95D20200-71C8-4B27-99AE-45162A516394} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{964E9CA0-8AC0-4371-B8D3-55C78B0EF364} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{965565EF-4120-4900-9278-A0AFA59A4453} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{96BD1FDD-4D5F-4153-9A18-1F1A71F819A9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{96E10824-2AA7-4732-A652-F220768D708A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{96EEE43D-AAC7-41A8-81BF-081CF53DD5A5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{986E7A82-91ED-4204-8BF5-23E8BD1D102C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{98D1F386-B0C3-4EE0-9C28-9497D6B17FB8} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{98DF35AF-5C85-4579-9E71-6DA9AD4A40FA} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{98E3FADB-0315-4E98-9960-E6DA41D89C6B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{98FFA2A6-518E-4FF8-BFB8-B4E2FECD79E3} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{9980F315-75C7-4008-A7A6-0D092F9737CB} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{9A1BE440-E619-4392-9A29-BB639228191B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{9A491EDC-EE33-4864-A8FE-C3ACA50FB6A2} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{9A8EC982-1E3E-4B85-BAD5-E30A3BA8F312} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{9AE39673-0B27-41EC-957D-6DBA1FC1E190} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{9B5A4983-F1DB-43DD-BDF9-3F0F19ED4F64} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{9BBC006C-7047-4E65-B102-A9A7FE639C83} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{9C436261-13E9-47A0-B07C-CA968478E14F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{9C472370-A00D-4C83-9456-6B53BEFAA1D0} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{9C85B207-749A-499F-AFAD-B1587CA02770} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{9CDA895A-3677-4FF5-B9FF-40068CD1D696} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{9CFDA92F-CB2F-4DC1-B3C4-F0573D193076} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{9E49F9E9-9F25-43E5-B51A-2769B69E22B2} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{9EA8ED43-6097-47DF-92A4-B3901123BAEA} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{9F035A7D-AB88-4305-A5AD-196158760DF2} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{9FBF440B-6052-4EE7-A5FE-8EBFAED80959} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{A0748CCC-CA9A-4AFF-B958-2A9B367F7FE2} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{A1107476-05B4-4795-9D82-F51DFE41E914} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{A1869578-45AA-4480-BBD7-AA9CBC8EA5C8} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{A1869DEB-BAC9-46D0-928F-3EC046797699} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{A25FDB02-FD22-4192-9D10-2DDAC392585E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{A2A5B466-7306-4950-B4D0-43AF597E7C32} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{A3487EDF-7DF9-44CB-BC47-A5D927BC20C9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{A3612165-91EC-4620-8A34-E7297E346F2E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{A3C82D34-E5B0-4FDA-B45B-0A7AF2220807} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{A5127467-8223-4AC3-8B84-76C840C07308} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{A576C749-4ED7-4963-B14D-23B193124A79} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{A58F7ADD-0734-495A-ADF6-A02DB4C5AC65} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{A5F2E94C-4E45-463D-A16E-859FD936CC1A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{A63848EC-9A08-420C-8D7C-2CAC28F4B9F1} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{A6B3B178-AF09-462C-BB79-6061A8521DE2} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{A6BE198A-1A64-48AC-BF10-7EDDFD1E567B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{A7E87C03-57A8-40D0-AB92-FA1B89088878} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{A911DEDB-DB82-474F-BA2D-14BB6B8A8813} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{A95C0FBB-A8B2-44FD-BF9E-5A45257F2EFF} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{A9A50CFA-715C-4C8C-8337-941100A864B8} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{A9B6CE2C-949C-4ADD-97F7-E75A5FED4AD5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{A9CB11CC-282C-4A2B-B808-0334292798A2} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{AA880B0B-7476-4A4E-BDEA-911D922B31B4} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{AAA5EADE-EACE-4053-ADDE-3987C5FCCC7B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{AAB9C94B-D601-445C-BA0D-5364F4BB1787} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{AC1F7892-A64B-40C0-96CB-46C0A366389B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{AC2A90C4-8936-4746-801C-FFE60F4A6764} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{AC65EE3A-51EA-4001-9A13-A17EEAFCBDFA} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{ACE30BF6-F54B-432E-ADB7-FB81E1D5A846} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{AE063CBE-9EFD-47DA-8F1D-164F1A146FA5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{AE092E52-D905-40B4-9436-9579CCDC9F4D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{AE0C1ACF-0814-4960-9E4F-CD683F649B50} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{AE9FBA4C-E116-4589-A937-AA9D003D0E7B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{AED82657-4F87-482E-B1D7-056077F38061} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{AEE4C1AF-D542-4D7E-B542-9E0C371812D3} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{AFE90D4C-51C1-4C26-80F3-2C0F2369E683} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B00EEA60-BB90-469D-B2AB-8CF3C7641A75} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B0278B69-DB70-4A2A-B8C3-F80C256947CE} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B028EC46-F9EB-4C4A-AE0A-085978FF5B73} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B03BBB9B-53C3-4CFD-88E4-BFE33AC3BB26} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B089AFDB-E124-423D-B947-C1244B8DF242} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B1683D30-96A4-4292-981C-FCDD64DBCC4C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B224F446-E04B-44FB-93AC-A997644FE36E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B284293F-BDAF-4397-AE17-1B133E470DC4} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B28F7506-3329-413D-8526-9ED17D4970A8} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B2B6D32C-5059-45A6-8BF6-A4EC38F06B02} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B32B9F18-CBFC-4387-99F0-771D28C8C1EB} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B34F6F99-05FB-4978-9D90-FE887C98A6E2} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B381AC47-A147-4D15-AC8A-3FFA22A4C965} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B383202A-810C-459D-B67B-7719796D3CB8} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B45E7AD1-658D-4D2A-8763-6F75AD8ECEEB} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B5216632-D984-4DAD-B6B7-033726BBFC57} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B5315271-9FA1-4EEC-B7C8-2B4E3335C9F9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B552C44B-ED07-4E50-A217-56FF0255C7DC} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B567C0F4-C749-4D60-B5CF-6803E7E588B0} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B5BFF175-2673-44C3-B2D6-C00CADC6882F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B5EAF9C9-9728-406C-91F4-8C7E9D83848B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B60C355C-606B-44B3-8228-7CFC8AF0C2D1} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B644596F-601A-45EB-99AF-AE8AB8134C17} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B67AA832-5A83-47E6-B345-893CD5AAF2DC} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B6AE79B2-DC4F-44A4-9653-BECC0756535F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B6BE1A82-1D66-485D-BC0A-432979A314E6} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B7508F0A-BE59-44B9-838C-AEA1AA651DCC} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B78F064F-8ED0-49F9-96A3-F318D7F9EED5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B7BBA209-BF38-414E-9215-0E63EAB3AFC0} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B830E1C9-31F9-45B9-90D8-28BA4B9ADA97} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{B8926E9E-078C-4BD7-BA28-2E7A70151070} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{BA02F504-5138-49B5-BB89-9DF7DBA432C8} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{BA164DB0-9442-4009-852C-2D45F9B51E78} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{BA5AE5C0-DC89-4EFE-A82E-6817A85A60E8} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{BAFD1A39-E5BE-4565-BE44-B3825DB036A5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{BB1B2C84-8F1A-42AC-AF0E-E24F9F935312} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{BBE97E0D-8FF6-413F-8B52-BAEE74480A1A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{BD173190-277B-4B4F-BE04-92F5294AA1D1} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{BD22BCC8-8B25-401A-B9B6-27E45E1D2666} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{BD4AB2CD-FB50-453F-A827-B2FFA0AB2AD1} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{BDF386BC-D96A-4261-A8FC-07FF417E8650} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{BE7B1A25-D909-4216-8E89-1B9EFD85CD97} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{BE7CE651-90CA-480E-972B-769FEC9DF55D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{BE867E1A-63CB-4F9D-80FD-ED161E1E70B7} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{BE90931E-F871-47CC-84F9-B63EC3AFDB61} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{BEC8365A-D9AA-42F6-88EE-8AEF71AA199A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{BF307D1D-F526-4CA3-B63D-B774A6D4950C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{BF5BC37F-D138-418F-856B-4C0A8A6F8923} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C0195122-592A-4089-9FFA-60F8E2AC1621} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C050F01D-E788-4481-A720-EFCE6FE2DE71} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C0A4ACD5-4E24-48DF-8B07-CD207481AD2B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C0DD7B12-6FD2-4CA1-A92C-953C46EA400D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C0DD9367-5716-4DA7-97BD-011E862E5A94} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C0E5C355-F0DE-4288-9831-364657720885} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C10431F3-061B-412E-9140-39556E535C5E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C13E2E6B-1654-4563-99F0-162B9EE66BFB} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C15D8438-8412-4D34-A544-4F46889080E6} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C17317DC-4CEE-414D-8897-3E8D4868049E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C26D372E-A986-4CB6-999D-69BC7CB08AA4} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C34FC6F0-6E34-4494-B859-9240AFC2A8A8} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C35D5CE0-BF3D-423C-86CB-9C369AFD1594} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C3BFB11F-9E1E-4EC1-9911-67327B8D961F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C59E7E76-D03F-4E94-BB66-274CC985E2DA} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C5DB8996-6405-47E4-8C92-D39A91F1A345} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C5ECAF49-BBDE-4E23-8FFA-5612797E808F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C63B8C1F-E99C-433C-BFC2-82D665C66BCD} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C69D363F-A418-4ADA-998C-5F7CC5133D54} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C6F0DDD9-FA80-47CE-AEA4-8D65BAF9DD2B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C77FE4FB-15CC-4A6F-A515-0CED99AB9286} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C804B372-8D6A-47D5-9E00-A34C888EB640} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C816E7E5-79F3-40D1-A7F9-DBF2D78D8BA7} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C81B50A3-B2B0-401B-9158-99BA1520314A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C86887CE-1F6A-4801-A82F-F15AF44CF6ED} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C87D907A-0987-44AA-93E8-41B1FE247A83} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C88D80B8-FD15-4261-AEB6-7A9F96826FB8} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C8BB6B5E-88D0-4B81-AFAD-4C97CED9D141} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C8EE5452-F1BF-40ED-B2D6-A1EAEC54075D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{C9D25637-BF0A-45A7-A134-1E6A426A5FEE} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{CA432FE9-1ED6-48A8-A0AF-770A24E43551} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{CA72835A-F8B9-4A90-B985-AD0122288CE5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{CADD20F4-ADB9-43C1-BC78-82E4D5520C97} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{CB68EDD9-FF34-4DAC-8A5C-ADA7DB531ED7} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{CB86685C-3435-436C-B8B9-34C01A199580} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{CBE1ED01-E477-49DC-A4F2-3F87DAC0E86B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{CC14FF74-0E9A-4763-A307-0F0212846D64} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{CC2B886B-8A2D-4A89-A3DB-A00206CF9E96} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{CC342F44-B563-4D76-9C4C-082F2F780235} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{CC6C22C9-053E-46EE-B3C2-1A85238B6896} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{CC7AFE60-5DCF-4268-8EB3-E29D2DF4EDB9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{CC8217DF-FC5B-49CE-BE11-F49167E53A69} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{CD68928F-B497-4731-8280-743A2BB83ACF} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{CDF4F8F9-D326-40FD-A8FE-3688D570CF80} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{CE04B7E5-1C46-442B-B99E-3C3CA0FA1179} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{CE54F666-741D-412A-8E5D-97C6AAD4B5C9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{CE7D9FEF-8F93-4DAF-A09C-AAC4EDF9A103} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{CF4B6FB7-F675-476A-9378-B899A776B6D5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{CF507C8F-3242-4E41-A75B-0346F315F3D0} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D0D89A5B-3B5B-44A4-9D65-1409B7E482C5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D1298FB2-1F4F-4319-A781-F0999A5001B3} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D14F5788-1B38-48BC-B8C0-62EE8637D3C6} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D163EF0D-D976-48E5-B852-D37D4A2DC3FE} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D17CDB98-5CA1-46B4-8A81-6A7C2E6F6173} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D1E1ED4E-F0AD-45E7-8570-5FDF3E05E563} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D25A388F-336A-46DC-BFF3-E3ECC9319EBC} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D29257CC-D2C1-4F89-B234-E42469280524} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D349F01D-9D88-4BCB-8918-E1D92710FEB8} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D3949C5E-086F-44E2-B04F-EEEA2EEFD8E8} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D40A0130-1D14-4E74-BD6E-08C4D68A8174} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D4A55F27-C132-4F89-ADB6-0A622BF969C4} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D4CA32DE-03B6-41F4-995B-B3D22E8F9D60} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D566BDA0-A177-4115-809E-85F0761D274B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D5E550D4-17C6-4BAC-BC55-E835D36B6D6F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D62DA6DF-11B2-45FD-BB27-E305C93E7F08} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D659835C-602A-4EBF-81C9-E8318CE309A1} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D66AD280-FABA-4C91-8A97-09AB0C64B5AC} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D67D415D-37B0-4DD5-87FD-B12B99D86A80} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D6805700-46B1-4B0A-800D-7A6CDBC8D330} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D6E31281-79B6-4A56-AF88-3406AD2853AE} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D6EFC111-BAEF-4E5F-86D8-45EA6DB40C63} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D702209C-4413-48AC-AB5F-4D67C901914D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D712F6D5-CC73-4ABF-9A92-4A910D9E275C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D7B12DE7-4193-452F-A5F1-BEDD3B85D879} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D87014E1-7BF1-45AF-A2E6-A923F3C0D10C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D8A82142-C268-40C3-886E-7A94D95724C2} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D96AB918-D963-42AE-9147-D265C7AF0B35} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{D9DE2538-E451-4194-B5FF-412DD5E3D976} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{DA5BEEB3-9C66-49BB-A685-BC9499100D8D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{DB4B641B-28E3-4570-AB45-F926FF4CF107} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{DBF7134B-FA16-4DD9-91A4-C426BEFDC258} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{DD91C186-0363-46F0-B3D9-6783DE6D1842} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{DDD4C606-DD39-4F03-A8A9-59D821E3D313} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{DE6AAE3E-BC2B-4B81-8E8F-5AC2278CB24E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{DF165CD1-01F4-423D-ACCA-D405F7116857} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{DF166AD5-6A49-4B96-8CDE-FE5C546ECA31} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{DF29F7E6-5A22-4B36-AA2B-B1C1B1837649} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{DF339B73-2E07-4EBB-A593-B1F83FD08ED3} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{DF6A0FE1-AC6E-484E-8891-28636A616E54} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{DF6B5F16-DB0F-41F7-A3BF-E49FFB44D03B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E005CFA5-29B2-43AE-A860-2B3E6974F66E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E0677205-CC86-46B8-A0C9-BB1115A731E7} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E0AFC1F5-2D27-4FF5-A606-FA2937C428E6} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E0BA07C6-988E-47F3-8906-7AD30EEDF991} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E0FD68EE-466E-4F7C-A983-78F71E2BE072} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E1A4F9DB-9F6F-4716-8515-ED479C69B072} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E1E9B5D9-A863-4CC2-AEF2-7D895A0A7485} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E28D72D0-1293-46F7-83F6-8327BA21DB9D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E29E0242-49DD-4AEA-82FC-73145C3185DE} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E2C78F2C-8213-4141-8C87-203D1821ED61} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E3510CE3-60CB-4F7B-9C57-34D6D6BC75DF} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E3788F5A-56F7-438A-8CE3-0936CAB1A435} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E385954B-78D8-4055-B8EC-B15D4FDF3DA0} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E436DA06-FC41-42B5-A118-077FD2A48DFE} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E441B058-21E0-42DA-87AD-68BD8B6370F8} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E4AFF0C3-BC54-451A-8F8A-0116BF15FB15} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E4B074BA-B326-4AF2-979E-77D38F623B3B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E4E6B52E-129C-47E6-BC7C-C6F006C828B6} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E57F0D77-3674-4CFD-82E3-A800E231C5A5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E5811D4A-02FC-4D05-910F-24757BA21F89} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E5986B15-E0EA-472A-B17E-30159F6F11E9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E5AC7ACB-82C9-42BD-9B8E-64097F31B3CB} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E63E75CA-74E7-4269-AA80-C55861843FA5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E665C873-5CC7-4D1D-A0C0-C2B30C8B4115} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E68B27FC-AA6A-42CA-8FFA-756770E3F751} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E6BB9F34-825E-45F5-80A8-67FF438F1551} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E6C0BEF5-CBAC-4B1B-83E2-34BF5A2845AF} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E7056D05-0D7C-4B45-B30D-5B2338020988} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E7DED427-FD9F-4A3E-81AE-66F1A8D36E66} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E80E8EDE-D05B-40D8-B873-CDE3351EADBE} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E847D0EC-0E8D-45DB-B1E7-21D4DAFFF9B2} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E920D0BB-0459-44C2-909D-82BC2BEC6B14} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E96FA0A5-CA49-4033-BE55-78291593614C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E9AD05D2-FD66-40EB-9CEB-77FFD03400BA} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E9D37D0D-46B1-4738-8E56-A6EB690563E7} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{E9FA3AC2-FA8A-4D36-9ADE-28A5DF25894F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{EA2BFAA6-F47F-4CFC-9823-1A1879E6B425} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{EA2C2692-4E23-4929-A942-05788F007F83} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{EAF679F4-64E6-4F7D-A516-83BCAB9129CB} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{EC010530-87CC-49DD-AFEA-268DEADD38A7} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{EC2E166E-F9F8-4F0A-8CF7-FBEE774FD63F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{EC2E59DA-8351-4579-BC8B-1297542C9526} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{EC526EF4-A10E-4E69-BB21-DA24B81C9790} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{EC957388-5FDC-4E26-8214-90CABC6AC8F9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{ECB9ED3F-FCA6-46C3-8AD8-8BACEC70DEF8} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{ECC0F61B-EAC0-4EE3-846F-249535F0B39B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{EE41D5DC-C0B4-476A-8181-99D64C689D21} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{EE941AEB-3431-440A-A678-AD4EB4A1FEE4} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{EEA69A3C-D929-4F59-813A-8B98F285DF83} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{EF3B24AD-6018-459D-A240-D06E91B39052} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{EF3F4AE9-7B5C-460B-A023-3685B5A00B44} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{EF4A66C6-E6E4-4B7D-8ABB-9EE23315DC43} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{EF6B99CE-289F-412D-A726-1C591CA81DAA} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{EF997D2D-290E-4BAF-A785-8497C8C00401} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{EFB5790A-62CC-4CDF-91C5-8B547BFE8A32} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F056A60C-3093-4878-A266-94B8E8EBF2FF} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F0A8C770-36E0-402B-8D99-DB375D518027} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F16BC39C-B1E7-47C5-9900-8054A4427DDC} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F1A858B1-E263-4796-A6E4-15697BF8D01C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F1DAE9C4-1B05-47C9-B18D-3B342A5608B9} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F1E1CE88-0AF0-4A0D-8282-13EA8481F4DC} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F20DE833-BEBC-41FB-B8F2-821146236611} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F26333AD-D2F4-43B5-95B3-C85DF0F6997F} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F27A688C-7D06-45B8-8DB8-20A908A46B55} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F28D9013-B4AE-48BF-AAC1-3F064D0B8655} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F2F1DBC1-4BD3-4D9E-AF31-CDB21B2CAF55} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F2F7D021-A00E-4BE0-BC49-1F4404ACBA55} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F2FC4321-A554-4CCC-A299-CC1220851A7E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F33CE215-D573-4F5B-9CE9-8D4903B919BE} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F3858399-ACE0-44D9-99B5-44416AE98725} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F39CACE8-E1A7-4DC5-8A3A-E5BD51EA578D} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F48D118F-A971-4019-9739-F003A8587006} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F5AC87EC-1574-4DD5-B7D4-1534FBA20FCD} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F5B39798-4160-4621-8DAE-E0EC994353F8} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F5FDD65A-91F9-416B-A63E-5F5A250EA0C7} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F63C4C78-8E7F-4DC7-B7F3-CF65F70C338E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F66AA137-5471-4C38-B0B9-DF70C0921FCB} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F6B44D86-94CA-4996-A01B-0095855A400B} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F770EA18-E73E-40EA-923C-D85B23DF985A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F7ABB706-4E08-4981-997A-2137A5444328} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F7FA40D8-6821-4D36-8D7B-9CD474399994} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F805D594-CE01-4C6C-B3D8-DA78F40A0B20} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F87E0B84-94EE-46B2-B585-7C9851FFE0A3} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F98B3C9E-C297-4482-8E1B-E5D4F2D9BDBD} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{F9FBAECC-0929-4F52-AACD-46DB2FFD9E95} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{FA5B626A-28E3-48B2-8154-3D5D605941F7} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{FA5F01C1-F6F8-4A78-8EBF-FAF51BD475A6} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{FAA7FAE8-DF7F-45EF-BAAB-85A806EE48AB} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{FB27D694-BA31-44A5-B8DC-B9A29378FB5E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{FBB1FB62-FDC4-4221-B45D-84752EF37F24} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{FBE26217-784C-4FB6-A43A-651CA2023982} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{FC53C62A-C204-45B6-B04A-96E2ADD3F4FE} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{FCAAEF94-8CE4-4D20-B714-94AC7C0ED76E} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{FCEDCAA8-3A01-4168-8174-753E3B4A996A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{FD0147D6-2957-4223-9FE8-CFC559AE52A6} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{FD55B8A4-857E-4260-A6F4-82458EFB2FFC} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{FDEBE5A0-B256-44C4-8C0E-E41C199EAAEE} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{FE27DFE5-240B-4762-89F2-571A46B3E641} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{FE6FC91C-1A30-4807-9D97-D950B883F00A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{FED36BC1-94CA-4513-BD36-2A94AA9D979A} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{FED47A52-2E49-44A8-B932-343647DD7EB5} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{FEF1E9C7-8AA0-4DDD-A64E-CBE8E2C2874C} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{FF41C45E-7033-4C29-BE40-903C810236AA} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{FF73232A-CB8C-4C41-B1AD-EFBE89B9E6C2} Successfully deleted: [Empty Folder] C:\Users\bureau\appdata\local\{FFDD962E-B8EA-4808-8322-09A2C0B5539E} ~~~ FireFox Successfully deleted the following from C:\Users\bureau\AppData\Roaming\mozilla\firefox\profiles\evj5l8x5.default\prefs.js user_pref("SothinkWebVideoDownloaderWebVideoDownloader.DownloadedArray_0.url", "hxxp://v9.lscache7.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2Cipbits%2Citag%2Calgor user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_10.url", "hxxp://o-o.preferred.ams03g05.v16.lscache6.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2 user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_129.url", "hxxp://o-o.preferred.ams03g05.v19.lscache6.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip% user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_130.url", "hxxp://o-o.preferred.ams03g05.v4.lscache3.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2 user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_131.url", "hxxp://o-o.preferred.ams03g05.v18.lscache3.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip% user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_132.url", "hxxp://o-o.preferred.ams03g05.v1.lscache3.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2 user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_133.url", "hxxp://o-o.preferred.ams03g05.v13.lscache8.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip% user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_134.url", "hxxp://r10.fra07g01.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2Cipbits%2Citag%2Csourc user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_135.url", "hxxp://o-o.preferred.ams03g05.v6.lscache8.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2 user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_136.url", "hxxp://o-o.preferred.ams03g05.v5.lscache8.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2 user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_137.url", "hxxp://r4.fra07g02.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2Cipbits%2Citag%2Csource user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_138.url", "hxxp://o-o.preferred.ams03g05.v6.lscache4.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2 user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_139.url", "hxxp://o-o.preferred.ams03g05.v16.lscache5.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip% user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_14.url", "hxxp://o-o.preferred.ams03g05.v24.lscache8.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2 user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_140.url", "hxxp://o-o.preferred.ams03g05.v23.lscache4.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip% user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_141.url", "hxxp://o-o.preferred.ams03g05.v5.lscache8.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2 user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_142.url", "hxxp://o-o.preferred.ams03g05.v9.lscache6.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2 user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_143.url", "hxxp://o-o.preferred.ams03g05.v8.lscache4.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2 user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_144.url", "hxxp://v7.cache1.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2Cipbits%2Citag%2Csource%2 user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_145.url", "hxxp://o-o.preferred.ams03g05.v14.lscache7.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip% user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_146.url", "hxxp://v5.cache8.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2Cipbits%2Citag%2Csource%2 user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_147.url", "hxxp://o-o.preferred.ams03g05.v7.nonxt4.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2Ci user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_159.url", "hxxp://o-o.preferred.ams03g05.v17.lscache2.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip% user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_19.url", "hxxp://v4.cache7.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2Cipbits%2Citag%2Csource%2C user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_22.url", "hxxp://o-o.preferred.ams03g05.v23.lscache8.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2 user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_245.url", "hxxp://o-o.preferred.ams03g05.v9.lscache7.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2 user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_25.url", "hxxp://v3.cache7.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2Cipbits%2Citag%2Csource%2C user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_26.url", "hxxp://o-o.preferred.ams03g05.v22.lscache2.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2 user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_27.url", "hxxp://v1.cache6.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2Cipbits%2Citag%2Csource%2C user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_310.url", "hxxp://o-o.preferred.ams03g05.v9.lscache1.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2 user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_88.url", "hxxp://v4.cache4.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2Cipbits%2Citag%2Csource%2C user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_89.url", "hxxp://o-o.preferred.ams03g05.v9.lscache7.c.youtube.com/videoplayback?sparams=id%2Cexpire%2Cip%2C user_pref("extensions.crossrider.bic", "13b1d264c535354a37a8aae4770030b0"); user_pref("extensions.speeddial.thumbnail-20-url", "hxxp://ddlsearch.free.fr/"); user_pref("google.toolbar.button_option.cached.gtbSearchBlogs", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchBlogs\" t user_pref("google.toolbar.button_option.cached.gtbSearchPhotos", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchPhotos\" user_pref("google.toolbar.button_option.cached.gtbSearchScholar", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchScholar user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_CTK0Y7F4MTG6NKYH03WT-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o user_pref("google.toolbar.button_option.cached.gtbugmail-1o4-jp_ELT48OR1SR8HW6XLE4UT-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xu user_pref("google.toolbar.search-icon", "data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7PT7/3zF6/9Ptu//RbHx/ user_pref("somoto.Var1", "0"); user_pref("somoto.Var10", "0"); user_pref("somoto.Var2", "0"); user_pref("somoto.Var3", "0"); user_pref("somoto.Var4", "0"); user_pref("somoto.Var5", "0"); user_pref("somoto.Var6", "0"); user_pref("somoto.Var7", "0"); user_pref("somoto.Var8", "0"); user_pref("somoto.Var9", "0"); user_pref("somoto.cache.aff_toolbar_settings_xml", "46/11/21/8/111"); user_pref("somoto.cache.feed_xml_5761b63e8e71f8f8435e6a3a3dafea06", "43/11/21/8/111"); user_pref("somoto.cache.weather_gae", "43/11/21/8/111"); user_pref("somoto.firstlaunch", "0"); user_pref("somoto.guid", "%7BE6156E39-3107-4622-A0A0-D2FD3575F3CA%7D"); user_pref("somoto.old_homepage", "chrome://speeddial/content/speeddial.xul"); Emptied folder: C:\Users\bureau\AppData\Roaming\mozilla\firefox\profiles\evj5l8x5.default\minidumps [36 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 02/04/2013 at 15:11:51,06 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ le dernier vas suivre
- le 2 avril 2013
- 4 réponses
Apparemment problème détecté [sujet bloqué]

jg92 a posté un sujet dans Analyses et éradication malwares

Bonjour, voici mon log Apparemment des des des éléments ne sont pas clair dans ce log, que faire, merci Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:03:19, on 01/04/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16521) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Program Files\Trusteer\Rapport\bin\RapportService.exe C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Start Menu X\StartMenuX.exe C:\Program Files\Cordial\Integration_Cordial.exe C:\Windows\System32\WinFLTray.exe C:\Program Files\MyTomTom 3\MyTomTomSA.exe C:\Users\bureau\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Cobian Backup 11\Cobian.exe C:\Program Files\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe C:\Program Files\Synapse Developpement\Synapse Update\Synapse Update.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Cobian Backup 11\cbInterface.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Users\bureau\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Stardock\ObjectDock Plus\ObjectDock.exe C:\Program Files\Stardock\ObjectDock Plus\ObjectDockTray.exe D:\hijackthis\HJT.exe C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=FR&userid=fe2250e0-5f69-40b1-8370-63785c81572d&searchtype=ds&q={searchTerms} R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = ERROR R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.fr - Actus France et Monde - Magazine People & Féminin â€“ Hotmail R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.fr - Actus France et Monde - Magazine People & Féminin â€“ Hotmail R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=FR&userid=fe2250e0-5f69-40b1-8370-63785c81572d&searchtype=ds&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=FR&userid=fe2250e0-5f69-40b1-8370-63785c81572d&searchtype=ds&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, enhanced for Bing and MSN R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: IEButton Class - {F81D52BF-F2F1-4F49-BF5F-05664E803039} - C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\bureau\AppData\Roaming\FireShot\FSAddin-98_32.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [Fences] "C:\Program Files\Stardock\Fences\Fences.exe" /startup O4 - HKLM\..\Run: [ACPW06FR] "C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe" /pid ACPW06FR O4 - HKLM\..\Run: [smart File Advisor] "C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [0934CC49F1BD9DEB16EBBD32159ED7952AF559C2._service_run] "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service O4 - HKCU\..\Run: [startMenuX] C:\Program Files\Start Menu X\StartMenuX.exe O4 - HKCU\..\Run: [integration de Cordial] C:\PROGRAM FILES\CORDIAL\INTEGRATION_CORDIAL.EXE O4 - HKCU\..\Run: [WinFLTray] C:\Windows\system32\WinFLTray.exe O4 - HKCU\..\Run: [MyTomTomSA.exe] "C:\Program Files\MyTomTom 3\MyTomTomSA.exe" O4 - HKCU\..\Run: [skyDrive] "C:\Users\bureau\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Cobian Backup 11] "C:\Program Files\Cobian Backup 11\Cobian.exe" O4 - HKCU\..\Run: [backgroundSwitcher] "C:\Program Files\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe" O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [synapseUpdate] "C:\Program Files\Synapse Developpement\Synapse Update\Synapse Update.exe" O4 - HKCU\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O4 - Startup: Dropbox.lnk = AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: Fences.lnk = C:\Program Files\Stardock\Fences\Fences.exe O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock Plus\ObjectDock.exe O4 - Global Startup: ColorVisionStartup.lnk = C:\Program Files\ColorVision\Utility\ColorVisionStartup.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra button: Résumer - {0F2D17A0-E7DF-4847-995B-6F3ABF5BF187} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL O9 - Extra button: Flash Capture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\Program Files\Flash Capture\fciext.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU) O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O17 - HKLM\System\CCS\Services\Tcpip\..\{BDA1F7D7-0CB0-447F-B9B5-0E79420F7159}: NameServer = 178.33.41.181,46.4.70.20 O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - (no file) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: c:\progra~1\saveby~1\sprote~1.dll O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Expérience d’application (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe O23 - Service: Service de la passerelle de la couche Application (ALG) - Unknown owner - C:\Windows\System32\alg.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Identité de l’application (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Informations d’application (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Gestion d’applications (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Arts-ftp - Unknown owner - C:\Program Files\Arts-serveur\ftp\SlimFTPd.exe O23 - Service: Arts-mysql - Unknown owner - C:\Program Files\Arts-serveur\mysql\bin\mysqld.exe O23 - Service: Arts-serveur - Apache Software Foundation - C:\Program Files\Arts-serveur\Apache\bin\apache.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Audio Windows (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe O23 - Service: Programme d’installation ActiveX (AxInstSV) (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service de chiffrement de lecteur BitLocker (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Explorateur d’ordinateurs (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de prise en charge Bluetooth (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Cobian Backup 11 Service « Volume Shadow Copy » (cbVSCService11) - CobianSoft, Luis Cobian - C:\Program Files\Cobian Backup 11\cbVSCService11.exe O23 - Service: Propagation du certificat (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - C:\Program Files\CyberGhost VPN\CGVPNCliService.exe O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Défragmenteur de disque (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Configuration automatique de réseau câblé (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de réception Windows Media Center (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: Service de planification Windows Media Center (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Hôte du fournisseur de découverte de fonctions (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: File Lock Service (FileLockService) - TopLang Software - C:\Windows\system32\FLK.exe O23 - Service: FLService - NewSoftwares.net, Inc. - C:\Windows\system32\WinFLService.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: GoodSync Server (GsServer) - Unknown owner - C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe O23 - Service: GSService - Unknown owner - C:\Windows\system32\GSService.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Accès du périphérique d'interface utilisateur (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Gestion des clés et des certificats d’intégrité (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Écouteur HomeGroup (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Fournisseur HomeGroup (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Technologie de stockage Intel® Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: InstallClick Connector (InstallClick) - Unknown owner - C:\Program Files\RIFT Technologies\InstallClick Connector\installclick.exe O23 - Service: Énumérateur de bus IP PnP-X (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Assistance IP (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kinoni Service (KinoniSvc) - Unknown owner - C:\Program Files\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe O23 - Service: Service KtmRm pour Distributed Transaction Coordinator (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: Mappage de découverte de topologie de la couche de liaison (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Assistance NetBIOS sur TCP/IP (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Service Media Center Extender (Mcx2Svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Pare-feu Windows (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Coordinateur de transactions distribuées (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe O23 - Service: Messenger Plus! Skins for Facebook Service (MsgFBSkinsPlusService) - Yuna Software - C:\Program Files\Yuna Software\Messenger Plus! Skins for Facebook\MsgPlusForFacebookService.exe O23 - Service: Service Initiateur iSCSI de Microsoft (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Windows Installer (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: Agent de protection d’accès réseau (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Connexions réseau (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service Liste des réseaux (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Gestionnaire d’identité réseau homologue (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Groupement de mise en réseau de pairs (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’Assistant Compatibilité des programmes (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: PDF Architect Helper Service - pdfforge GbR - C:\Program Files\PDF Architect\HelperService.exe O23 - Service: PDF Architect Service - pdfforge GbR - C:\Program Files\PDF Architect\ConversionService.exe O23 - Service: BranchCache (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Journaux & alertes de performance (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service de publication des noms d’ordinateurs PNRP (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Protocole PNRP (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Agent de stratégie IPsec (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Alimentation (Power) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Expérience audio-vidéo haute qualité Windows (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: Gestionnaire de connexion automatique d’accès distant (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Gestionnaire de connexions d’accès distant (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Routage et accès distant (RemoteAccess) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Localisateur d’appels de procédure distante (RPC) (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Stratégie de retrait de la carte à puce (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe O23 - Service: Sauvegarde Windows (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Ouverture de session secondaire (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Brillance adaptative (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Configuration des services Bureau à distance (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Partage de connexion Internet (ICS) (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Interruption SNMP (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe O23 - Service: Splashtop® Remote Service (SplashtopRemoteService) - Splashtop Inc. - C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe O23 - Service: Service de notification SPP (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Découverte SSDP (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service SSTP (Secure Socket Tunneling Protocol) (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Splashtop Software Updater Service (SSUService) - Splashtop Inc. - C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe O23 - Service: @%SystemRoot%\system32\stlang.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service de stockage (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Fournisseur de cliché instantané de logiciel Microsoft (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe O23 - Service: SyncoveryVSSService - Super Flexible Software Ltd. & Co. KG - C:\Program Files\Syncovery\SyncoveryVSS.exe O23 - Service: Superfetch (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Panneau de saisie Tablet PC (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Téléphonie (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Services de base de module de plateforme sécurisée (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: Services Bureau à distance (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Serveur de priorités des threads (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: Client de suivi de lien distribué (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Programme d’installation pour les modules Windows (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe O23 - Service: Tweak7SystemService - Totalidea Software - C:\Windows\system32\Tweak7SystemService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe O23 - Service: Redirecteur de port du mode utilisateur des services Bureau à distance (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Hôte de périphérique UPnP (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Disque virtuel (vds) - Unknown owner - C:\Windows\System32\vds.exe O23 - Service: Cliché instantané des volumes (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe O23 - Service: vToolbarUpdater12.2.6 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe O23 - Service: Temps Windows (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service de moteur de sauvegarde en mode bloc (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe O23 - Service: Service de biométrie Windows (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Windows Connect Now - Registre de configuration (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Système de couleurs Windows (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service hôte WDIServiceHost (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Hôte système de diagnostics (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: WebClient - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Collecteur d’événements de Windows (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Prise en charge de l’application Rapports et solutions aux problèmes du Panneau de configuration (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de rapport d’erreurs Windows (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Windows Defender (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de découverte automatique de Proxy Web pour les services HTTP Windows (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Gestion à distance de Windows (Gestion WSM) (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de configuration automatique WLAN (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Carte de performance WMI (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe O23 - Service: Parental Controls (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Énumérateur d’appareil mobile (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Windows Search (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service de configuration automatique WWAN (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 32425 bytes
- le 1 avril 2013
- 4 réponses
pc lent et beaucoup de mémoire vive utilisée

jg92 a posté un sujet dans Analyses et éradication malwares

Bonjour, Voici mon fichier log, pouvez le regarder, merci beaucoup. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:55:10, on 28/04/2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\a-squared Anti-Malware\a2guard.exe C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe C:\Windows\WindowsMobile\wmdc.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Nuance\PDF Create 5\PdfCreate5Hook.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Iminent\IMBooster\IMBooster.exe C:\Program Files\Vista Start Menu\VistaStartMenu.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Trend Micro\TrendSecure\TSCFPlatformCOMSvr.exe C:\Program Files\SourceTec\Sothink Web Video Downloader Stand-alone\VideoDownloader.exe C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe C:\wallpaperchange\Wallpaper.exe C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe C:\Program Files\Stardock\ObjectDock\ObjectDock.exe C:\Program Files\Orange\Logiciel de Synchronisation Orange\SyncManager.exe C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\PlatformDependent\ProToolbarComm.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Windows\system32\wuauclt.exe C:\Users\jacques\Downloads\HijackThis.exe C:\Windows\system32\rundll32.exe C:\Windows\system32\rundll32.exe C:\Program Files\Mozilla Firefox\firefox.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://adultfriendfinder.com/p/main.cgi?&a...Y3JlbQ:c1.MTk21 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: IMBooster4web-en Toolbar - {346de098-61f9-4b42-89da-6dfba7091bb6} - C:\Program Files\IMBooster4web-en\tbIMBo.dll O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~1\ArcSoft\VIDEOD~1\ARCURL~1.DLL O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: IMBooster4web-en Toolbar - {346de098-61f9-4b42-89da-6dfba7091bb6} - C:\Program Files\IMBooster4web-en\tbIMBo.dll O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ToolbarBHO Class - {9519AF7E-638D-4933-BAD6-D33D23C79FE5} - C:\PROGRA~1\ArcSoft\RAWTHU~1\EXIFToolBar.dll O2 - BHO: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file) O2 - BHO: ZeonIEEventHelper Class - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file) O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll O3 - Toolbar: RAW Thumbnail Viewer - {F301665A-12F8-4331-804A-5BCBD379668C} - C:\PROGRA~1\ArcSoft\RAWTHU~1\EXIFToolBar.dll O3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file) O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\jacques\AppData\Roaming\Mozilla\Firefox\Profiles\k6iyafex.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.80.dll O3 - Toolbar: Nuance PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll O3 - Toolbar: IMBooster4web-en Toolbar - {346de098-61f9-4b42-89da-6dfba7091bb6} - C:\Program Files\IMBooster4web-en\tbIMBo.dll O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" O4 - HKLM\..\Run: [ufSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [VMonitorVMUVC] "C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe" O4 - HKLM\..\Run: [Nuance OmniPage 17-reminder] "C:\Program Files\Nuance\OmniPage17\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\OmniPage 17\Ereg\Ereg.ini" O4 - HKLM\..\Run: [PDFHook] C:\Program Files\Nuance\PDF Create 5\pdfcreate5hook.exe O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files\Nuance\PDF Create 5\RegistryController.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [iMBooster] C:\Program Files\Iminent\IMBooster\imbooster.exe /warmup O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" O4 - HKCU\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup O4 - HKCU\..\Run: [VistaStartMenu] C:\Program Files\Vista Start Menu\VistaStartMenu.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Web Video Downloader] "C:\Program Files\SourceTec\Sothink Web Video Downloader Stand-alone\VideoDownloader.exe" O4 - HKCU\..\Run: [FreeGo] C:/Program Files/FreeGo/FreeGo.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\jacques\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [TrendSecure Remote File Lock] C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe /lock O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [WallPaper] C:\WALLPA~1\WALLPA~1.EXE /h O4 - HKCU\..\Run: [sEO Soft] C:\stat(2)\stat.exe close 20 O4 - HKCU\..\Run: [OpAgent] "OpAgent.exe" /agent O4 - HKCU\..\Run: [TweakRAM] C:\Program Files\TweakRAM\TweakRAM.exe O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - Startup: Impulse Now.lnk = C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe O4 - Startup: ZooskMessenger.lnk = C:\Program Files\ZooskMessenger\ZooskMessenger.exe O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe O4 - Global Startup: Logiciel de Synchronisation Orange.lnk = C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe O8 - Extra context menu item: &Point&&Go - C:\Program Files\Common Files\Expert System\PGPlatform\PGPlatform.htm O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML O8 - Extra context menu item: Ajouter le contenu des liens sélectionnés à un fichier PDF existant - res://C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML O8 - Extra context menu item: Ajouter le contenu du lien à un fichier PDF existant - res://C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Créer des fichiers PDF à partir des liens sélectionnés - res://C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML O8 - Extra context menu item: Créer fichier PDF - res://C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML O8 - Extra context menu item: Créer un fichier PDF depuis le contenu du lien - res://C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Lire des données EXIF - C:\Program Files\ArcSoft\RAW Thumbnail Viewer\ArcEXIFM.htm O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Xobni\Skype4Com.dll O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: ASDR - Unknown owner - C:\Windows\System32\ASDR.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\Windows\ATKKBService.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: EasyBoxApache - Apache Software Foundation - C:\Program Files\EasyBox\Apache\Apache.exe O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%windir%\WindowsMobile\rapimgr.dll,-104 (RapiMgr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Composant de commande centrale Trend Micro (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmPfw.exe O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe O23 - Service: Tweak7SystemService - Totalidea Software - C:\Windows\system32\Tweak7SystemService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%windir%\WindowsMobile\wcescomm.dll,-40079 (WcesComm) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - C:\Program Files\Stardock\MyColors\VistaSrv.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: XobniService - Xobni Corporation - C:\Program Files\Xobni\XobniService.exe -- End of file - 33522 bytes
- le 28 avril 2010
pc lent

jg92 a répondu à un(e) sujet de jg92 dans Analyses et éradication malwares

Voici le dernier log, pour info j'ai perdu ma connexion internet après l'analyse, fichier host corrompu et dns non résolue. jacques ComboFix 09-02-27.02 - jacques 2009-03-01 15:49:08.1 - NTFSx86 Microsoft® Windows Vista™ Professionnel 6.0.6001.1.1252.1.1036.18.3069.1989 [GMT 1:00] Lancé depuis: c:\users\jacques\Desktop\ComboFix.exe Commutateurs utilisés :: c:\users\jacques\Desktop\CFscript.txt AV: BitDefender Antivirus *On-access scanning disabled* (Updated) FW: Pare-feu BitDefender *disabled* * Un nouveau point de restauration a été créé . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} c:\windows\patch.exe . ((((((((((((((((((((((((((((( Fichiers créés du 2009-02-01 au 2009-03-01 )))))))))))))))))))))))))))))))))))) . 2009-03-01 07:48 . 2009-03-01 08:00 <REP> d-------- C:\ComboFix(0) 2009-02-28 17:36 . 2009-02-28 17:37 <REP> d-------- C:\rsit 2009-02-28 08:31 . 2009-02-28 17:21 <REP> d--h-c--- c:\users\All Users\{51019853-129C-4EDE-9030-D5FD7BBD9AD0} 2009-02-28 08:31 . 2009-02-28 17:21 <REP> d--h-c--- c:\programdata\{51019853-129C-4EDE-9030-D5FD7BBD9AD0} 2009-02-28 08:00 . 2009-02-28 08:00 <REP> d-------- c:\users\jacques\The Magic Folder 2009-02-28 07:55 . 2009-02-28 07:55 <REP> d--hs---- C:\Boot 2009-02-26 18:40 . 2009-02-26 18:40 <REP> d-------- c:\users\All Users\ATI 2009-02-26 18:40 . 2009-02-26 18:40 <REP> d-------- c:\programdata\ATI 2009-02-26 14:12 . 2009-02-26 14:12 <REP> d-------- c:\program files\Driver-Soft 2009-02-26 14:12 . 2007-09-02 20:56 1,686,016 --a------ c:\windows\System32\clinetsuitex6.ocx 2009-02-26 14:12 . 2004-06-14 14:56 427,864 --a------ c:\windows\System32\XceedZip.dll 2009-02-26 09:45 . 2009-02-26 09:46 <REP> d-------- c:\program files\Valentine Musicbox 3D Screensaver 2009-02-26 09:45 . 2009-02-18 16:40 21,717,504 --a------ c:\windows\System32\Valentine Musicbox 3D Screensaver.exe 2009-02-26 09:45 . 2009-02-18 17:46 1,041,920 --a------ c:\windows\System32\Valentine_Musicbox_3D_Screensaver.scr 2009-02-24 08:58 . 2009-02-24 09:03 <REP> d-------- c:\program files\Luxand 2009-02-24 08:57 . 2009-02-24 08:57 <REP> d-------- C:\Gst 2009-02-23 23:17 . 2009-02-23 23:17 <REP> d-------- c:\program files\Debugmode 2009-02-23 23:17 . 2009-02-23 23:17 <REP> d-------- c:\program files\Common Files\debugmode 2009-02-23 23:08 . 2009-02-23 23:09 <REP> d-------- C:\Mng 2009-02-23 22:37 . 2009-02-23 22:37 1,496,576 ---h----- c:\windows\System32\wodfamop.dll 2009-02-23 22:36 . 2009-02-23 23:08 <REP> d-------- c:\program files\Digital Photo Software 2009-02-23 16:46 . 2009-02-23 18:17 815 --a------ C:\rtsr_eml_sr.dat 2009-02-23 16:46 . 2009-02-23 18:17 128 --a------ C:\dwl.dat 2009-02-23 16:27 . 2009-02-23 16:27 16 --a------ C:\asdict.dat 2009-02-22 17:04 . 2009-02-22 17:04 <REP> d-------- c:\program files\UnH Solutions 2009-02-22 16:24 . 2009-02-23 22:03 <REP> d-------- c:\program files\FaceMorpher 2009-02-22 15:36 . 2009-02-22 16:12 <REP> d-------- c:\program files\FaceMorpher Lite 2009-02-22 15:01 . 2009-02-22 15:01 <REP> d-------- c:\users\jacques\AppData\Roaming\Malwarebytes 2009-02-22 15:01 . 2009-02-22 15:01 <REP> d-------- c:\users\All Users\Malwarebytes 2009-02-22 15:01 . 2009-02-22 15:01 <REP> d-------- c:\programdata\Malwarebytes 2009-02-22 15:01 . 2009-02-22 15:01 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware 2009-02-22 15:01 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys 2009-02-22 15:01 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys 2009-02-22 10:20 . 2009-02-22 15:21 <REP> d-------- c:\program files\Caricature Software 2009-02-19 21:30 . 2009-02-19 21:30 <REP> d-------- c:\program files\MailControl 2009-02-19 21:30 . 2005-11-16 17:37 167,936 --a------ c:\windows\System32\Mcontrolxp32.dll 2009-02-19 21:30 . 2004-07-08 18:33 49,152 --a------ c:\windows\System32\AOMTrace.dll 2009-02-15 20:45 . 2009-02-15 20:46 <REP> d-------- c:\users\jacques\Library 2009-02-15 20:37 . 2009-02-15 20:51 <REP> d-------- c:\users\jacques\AppData\Roaming\calibre 2009-02-15 16:09 . 2009-02-15 16:15 <REP> d-------- c:\program files\Photosynth 2009-02-15 10:36 . 2009-02-15 10:37 348,579,225 --a------ c:\windows\MEMORY.DMP 2009-02-15 07:18 . 2009-02-15 07:18 <REP> d-------- c:\program files\Microsoft Office Outlook Connector 2009-02-14 18:47 . 2009-02-14 18:47 43 --a------ c:\windows\gswin32.ini 2009-02-14 18:43 . 2009-02-14 18:43 <REP> d-------- c:\program files\gs 2009-02-14 16:32 . 2009-02-14 18:11 <REP> d-------- c:\program files\IrfanView 2009-02-13 18:29 . 2009-02-13 18:29 <REP> d-------- c:\program files\Turtix 2 - Rescue Adventures 2009-02-11 07:18 . 2009-01-15 04:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb 2009-02-11 07:18 . 2009-01-15 07:11 827,392 --a------ c:\windows\System32\wininet.dll 2009-02-10 20:37 . 2009-02-10 20:37 <REP> d-------- c:\users\jacques\AppData\Roaming\System Tweaker 2009-02-10 20:30 . 2009-02-10 20:30 <REP> d-------- c:\program files\Jufsoft 2009-02-10 19:40 . 2009-02-28 17:23 <REP> d-------- c:\users\jacques\AppData\Roaming\Uniblue 2009-02-10 19:39 . 2009-02-28 17:21 <REP> d-------- c:\program files\Uniblue 2009-02-10 19:38 . 2009-02-10 19:39 <REP> d--h-c--- c:\users\All Users\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185} 2009-02-10 19:38 . 2009-02-10 19:39 <REP> d--h-c--- c:\programdata\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185} 2009-02-08 19:34 . 2009-02-13 17:26 <REP> d-------- c:\program files\Common Files\muvee Technologies 2009-02-08 19:33 . 2007-02-08 19:30 1,079,808 --a------ c:\windows\System32\mfc80u.dll 2009-02-08 19:33 . 2007-02-08 19:30 626,688 --a------ c:\windows\System32\msvcr80.dll 2009-02-08 19:33 . 2007-02-08 19:30 548,864 --a------ c:\windows\System32\msvcp80.dll 2009-02-08 19:33 . 2007-02-08 19:30 95,744 --a------ c:\windows\System32\atl80.dll 2009-02-08 10:13 . 2009-02-08 10:13 <REP> d--h----- c:\program files\InstallJammer Registry 2009-02-08 10:13 . 2009-02-08 10:13 <REP> d-------- c:\program files\calibre 2009-02-08 10:09 . 2009-02-27 09:08 <REP> d-------- C:\DSynchronize 2009-02-07 08:42 . 2009-02-04 20:58 51,622,242 --a------ c:\users\Public\codec-video-PRO.exe 2009-02-07 08:02 . 2009-02-07 08:05 25,839,688 --a------ c:\users\Public\wmp11-windowsxp-x86-FR-FR.exe 2009-02-06 19:39 . 2009-02-06 19:39 308,600 --a------ c:\windows\WLXPGSS.SCR 2009-02-06 18:52 . 2009-02-06 18:52 49,504 --a------ c:\windows\System32\sirenacm.dll 2009-02-04 23:42 . 2009-02-05 07:45 <REP> d-------- c:\program files\BitTorrent 2009-02-04 23:29 . 2009-02-28 19:18 <REP> d-------- c:\users\jacques\AppData\Roaming\BitTorrent 2009-02-04 21:18 . 2003-08-18 05:10 122,880 --a------ c:\windows\System32\directx.cpl 2009-02-04 21:18 . 2003-03-25 05:49 106,544 --a------ c:\windows\System32\tweakui.cpl 2009-02-04 21:18 . 2003-03-25 05:49 98,304 --a------ c:\windows\System32\startup.cpl 2009-02-04 21:18 . 2004-02-17 10:11 53,248 --a------ c:\windows\System32\vp6dec_settings.cpl 2009-02-04 21:18 . 2003-03-25 05:49 51,238 --a------ c:\windows\System32\tweakui.hlp 2009-02-04 21:17 . 2009-02-04 21:18 <REP> d-------- c:\program files\ACE Mega CoDecS Pack 2009-02-04 21:03 . 2009-03-01 16:03 <REP> d-------- c:\users\jacques\AppData\Roaming\DNA 2009-02-04 21:03 . 2009-03-01 16:03 <REP> d-------- c:\program files\DNA 2009-02-04 20:39 . 2009-02-04 20:46 8,256,292 --a------ c:\users\Public\eMulev0.49a.-MorphXTv11.0-installer.exe 2009-02-04 19:21 . 2009-02-04 19:21 <REP> d-------- c:\program files\AnmSMP 2009-02-04 08:29 . 2009-02-04 08:29 4,303,360 --a------ c:\windows\System32\drivers\atikmdag.sys 2009-02-04 06:02 . 2009-02-04 06:02 442,368 --a------ c:\windows\System32\ATIDEMGX.dll 2009-02-04 06:00 . 2009-02-04 06:00 274,432 --a------ c:\windows\System32\Oemdspif.dll 2009-02-04 06:00 . 2009-02-04 06:00 43,520 --a------ c:\windows\System32\ati2edxx.dll 2009-02-04 06:00 . 2009-02-04 06:00 11,264 --a------ c:\windows\System32\atimuixx.dll 2009-02-04 05:59 . 2009-02-04 05:59 286,720 --a------ c:\windows\System32\Ati2evxx.dll 2009-02-04 05:58 . 2009-02-04 05:58 729,088 --a------ c:\windows\System32\Ati2evxx.exe 2009-02-04 05:21 . 2009-02-04 05:21 121,808 --a------ c:\windows\System32\atiumdva.cap 2009-02-04 05:11 . 2009-02-04 05:11 11,366,400 --a------ c:\windows\System32\atioglxx.dll 2009-02-04 05:07 . 2009-02-04 05:07 131,072 --a------ c:\windows\System32\atiadlxx.dll 2009-02-04 05:07 . 2009-02-04 05:07 51,712 --a------ c:\windows\System32\amdpcom32.dll 2009-02-04 04:53 . 2009-02-04 04:53 53,248 --a------ c:\windows\System32\drivers\ati2erec.dll 2009-02-04 04:01 . 2009-02-04 04:01 57,344 --a------ c:\windows\System32\aticalrt.dll 2009-02-04 04:01 . 2009-02-04 04:01 53,248 --a------ c:\windows\System32\aticalcl.dll 2009-02-04 03:58 . 2009-02-04 03:58 3,252,224 --a------ c:\windows\System32\aticaldd.dll 2009-02-02 20:05 . 2009-02-02 20:05 <REP> d-------- c:\program files\cemail 2009-02-02 05:40 . 2009-02-02 13:09 <REP> d-------- c:\program files\InstStudioScrap-Kit-St-Valentin 2009-02-02 05:01 . 2009-02-02 05:10 <REP> d-------- c:\users\All Users\Studio-Scrap2 2009-02-02 05:01 . 2009-02-02 05:10 <REP> d-------- c:\programdata\Studio-Scrap2 2009-02-01 17:31 . 2009-02-02 05:32 <REP> d-------- c:\users\jacques\AppData\Roaming\Studio-Scrap2 2009-02-01 17:30 . 2009-02-02 07:41 <REP> d-------- c:\program files\Studio-Scrap 2009-02-01 16:35 . 2009-02-02 05:46 <REP> d-------- c:\program files\InstStudio-Scrap 2009-02-01 16:21 . 2009-02-01 16:22 172 --a------ c:\windows\MyHeritage.INI 2009-02-01 16:18 . 2009-02-01 16:18 <REP> d-------- c:\users\jacques\AppData\Roaming\MyHeritage 2009-02-01 16:18 . 2009-02-01 16:22 <REP> d-------- c:\users\All Users\MyHeritage 2009-02-01 16:18 . 2009-02-01 16:22 <REP> d-------- c:\programdata\MyHeritage 2009-02-01 16:16 . 2009-02-01 16:16 <REP> d-------- c:\users\jacques\AppData\Roaming\The Complete Genealogy Reporter - FTB 2009-02-01 16:16 . 2009-02-01 16:16 <REP> d-------- C:\MyHeritage 2009-02-01 16:16 . 2002-03-07 01:19 454,656 --a------ c:\windows\System32\PaintX.dll 2009-02-01 16:16 . 2003-07-06 14:07 372,736 --a------ c:\windows\System32\ijl15.dll 2009-02-01 08:04 . 2009-02-01 08:04 <REP> d-------- c:\program files\Artisteer 2 (Beta) 2009-02-01 07:55 . 2008-06-20 02:14 781,344 --a------ c:\windows\System32\PresentationNative_v0300.dll 2009-02-01 07:55 . 2008-06-20 02:14 622,080 --a------ c:\windows\System32\icardagt.exe 2009-02-01 07:55 . 2008-06-20 02:14 326,160 --a------ c:\windows\System32\PresentationHost.exe 2009-02-01 07:55 . 2008-06-20 02:14 105,016 --a------ c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll 2009-02-01 07:55 . 2008-06-20 02:14 97,800 --a------ c:\windows\System32\infocardapi.dll 2009-02-01 07:55 . 2008-06-20 02:14 43,544 --a------ c:\windows\System32\PresentationHostProxy.dll 2009-02-01 07:55 . 2008-06-20 02:14 37,384 --a------ c:\windows\System32\infocardcpl.cpl 2009-02-01 07:55 . 2008-06-20 02:14 11,264 --a------ c:\windows\System32\icardres.dll 2009-02-01 07:39 . 2008-07-27 19:03 282,112 --a------ c:\windows\System32\mscoree.dll 2009-02-01 07:39 . 2008-07-27 19:03 158,720 --a------ c:\windows\System32\mscorier.dll 2009-02-01 07:39 . 2008-07-27 19:03 96,760 --a------ c:\windows\System32\dfshim.dll 2009-02-01 07:39 . 2008-07-27 19:03 41,984 --a------ c:\windows\System32\netfxperf.dll 2009-02-01 07:38 . 2008-07-27 19:03 83,968 --a------ c:\windows\System32\mscories.dll 2009-02-01 01:15 . 2009-02-01 01:15 <REP> d-------- c:\users\jacques\AppData\Roaming\Artisteer 2009-02-01 01:14 . 2009-02-01 08:03 <REP> d-------- c:\program files\Artisteer . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-03-01 15:04 --------- d---a-w c:\programdata\TEMP 2009-03-01 14:39 --------- d-----w c:\users\jacques\AppData\Roaming\Vista Start Menu 2009-03-01 13:07 --------- d-----w c:\program files\QuickTime 2009-03-01 11:42 --------- d-----w c:\users\jacques\AppData\Roaming\MailWasherPro 2009-03-01 09:20 --------- d-----w c:\programdata\Google Updater 2009-03-01 09:10 --------- d-----w c:\users\jacques\AppData\Roaming\MSN Pictures Displayer 2009-03-01 09:05 --------- d-----w c:\programdata\Ulead Systems 2009-03-01 09:05 --------- d-----w c:\programdata\Spybot - Search & Destroy 2009-02-28 06:56 --------- d-----w c:\program files\Microsoft Silverlight 2009-02-28 01:28 --------- d-----w c:\program files\Common Files\Wise Installation Wizard 2009-02-28 01:27 --------- d-----w c:\users\jacques\AppData\Roaming\SUPERAntiSpyware.com 2009-02-27 20:36 --------- d-----w c:\users\jacques\AppData\Roaming\GrabIt 2009-02-26 17:51 --------- d-----w c:\program files\ATI 2009-02-26 17:15 --------- d--h--w c:\program files\InstallShield Installation Information 2009-02-26 16:42 --------- d-----w c:\program files\ATI Technologies 2009-02-26 12:08 --------- d-----w c:\program files\Cordial 2009-02-26 08:46 --------- d-----w c:\program files\3Planesoft Screensaver Manager 2009-02-24 19:39 --------- d-----w c:\program files\Morpheus Photo Animation Suite 2009-02-24 17:55 --------- d-----w c:\program files\Abrosoft 2009-02-24 02:02 --------- d-----w c:\programdata\Microsoft Help 2009-02-23 17:17 132 ----a-w C:\httpdwl.dat 2009-02-23 17:13 --------- d-----w c:\users\jacques\AppData\Roaming\FileZilla 2009-02-22 18:45 --------- d-----w c:\users\jacques\AppData\Roaming\Desktopicon 2009-02-22 08:26 --------- d-----w c:\program files\MSECache 2009-02-20 00:05 --------- d-----w c:\program files\eMule 2009-02-19 17:02 --------- d-----w c:\program files\EasyBox 2009-02-19 12:18 --------- d-----w c:\programdata\SlySoft 2009-02-19 12:15 --------- d-----w c:\program files\SlySoft 2009-02-18 06:41 --------- d-----w c:\program files\Banque 3.0 Manager 2009-02-16 20:35 --------- d-----w c:\program files\FileZilla Client 2009-02-15 04:26 --------- d-----w c:\program files\Microsoft 2009-02-14 17:13 --------- d-----w c:\program files\iPod 2009-02-14 11:13 --------- d-----w c:\program files\Spybot - Search & Destroy 2009-02-13 12:18 --------- d-----w c:\program files\OLYMPUS 2009-02-12 02:01 --------- d-----w c:\program files\Windows Mail 2009-02-04 20:13 --------- d-----w c:\program files\DivX 2009-02-02 19:19 --------- d-----w c:\program files\Free-info 2009-02-02 19:12 --------- d-----w c:\program files\Passbox2007 2009-01-31 21:38 --------- d-----w c:\programdata\BitDefender 2009-01-31 21:26 --------- d-----w c:\users\jacques\AppData\Roaming\BitDefender 2009-01-31 21:26 --------- d-----w c:\program files\BitDefender 2009-01-31 21:25 --------- d-----w c:\program files\Common Files\BitDefender 2009-01-31 03:17 91,744 ----a-w c:\windows\BPMNT.dll 2009-01-31 03:17 1,213,784 ----a-w c:\windows\vsapi32.dll 2009-01-29 09:07 --------- d-----w c:\users\jacques\AppData\Roaming\Apple Computer 2009-01-29 08:42 --------- d-----w c:\users\jacques\AppData\Roaming\Avanquest 2009-01-29 08:42 --------- d-----w c:\programdata\BVRP Software 2009-01-29 08:42 --------- d-----w c:\programdata\Avanquest 2009-01-29 08:41 --------- d-----w c:\program files\Avanquest 2009-01-28 17:23 --------- d-----w c:\program files\CCleaner 2009-01-28 16:55 --------- d-----w c:\program files\Bonjour 2009-01-27 21:04 --------- d-----w c:\users\jacques\AppData\Roaming\ATI 2009-01-27 20:06 --------- d-----w c:\program files\DIFX 2009-01-27 20:06 --------- d-----w c:\program files\Common Files\ATI Technologies 2009-01-27 20:03 --------- d-----w c:\program files\USB TV 2009-01-27 19:36 --------- d-----w c:\program files\Intel 2009-01-27 19:18 --------- d-----w c:\program files\Logitech 2009-01-27 19:15 --------- d-----w c:\programdata\Logishrd 2009-01-27 17:45 --------- d-----w c:\program files\ma-config.com 2009-01-27 17:44 --------- d-----w c:\programdata\ma-config.com 2009-01-27 08:04 --------- d-----w c:\users\jacques\AppData\Roaming\GoodSync 2009-01-25 17:56 --------- d-----w c:\program files\Recover Keys 2009-01-25 14:59 --------- d-----w c:\program files\Samsung 2009-01-25 14:16 --------- d-----w c:\programdata\Apple Computer 2009-01-25 14:16 --------- d-----w c:\program files\Common Files\Apple 2009-01-25 08:44 --------- d-----w c:\program files\Common Files\L&H 2009-01-25 08:40 --------- d-----w c:\program files\Microsoft Reader 2009-01-21 03:46 --------- d-----w c:\users\jacques\AppData\Roaming\OnlineStorage 2009-01-21 03:45 --------- d-----w c:\program files\mes données 2009-01-18 17:04 --------- d-----w c:\program files\Google 2009-01-17 19:46 --------- d-----w c:\users\jacques\AppData\Roaming\Cordial 2009-01-17 19:41 --------- d-----w c:\program files\SWF To Video Scout PRO 2009-01-17 19:41 --------- d-----w c:\program files\SWF Printer Pro 2009-01-17 19:41 --------- d-----w c:\program files\MesNews 2009-01-17 19:41 --------- d-----w c:\program files\Eltima Software 2009-01-17 18:03 --------- d-----w c:\users\jacques\AppData\Roaming\Zylom 2009-01-17 18:02 --------- d-----w c:\users\jacques\AppData\Roaming\Skip-Bo 2009-01-17 18:02 --------- d-----w c:\program files\Zylom Games 2009-01-17 17:56 --------- d-----w c:\programdata\Zylom 2009-01-17 07:57 --------- d-----w c:\program files\Java 2009-01-15 07:29 --------- d-----w c:\program files\Universal Extractor 2009-01-14 07:08 --------- d-----w c:\program files\Jerrycan 2009-01-12 20:44 --------- d-----w c:\program files\Messenger Plus! Live 2009-01-12 07:11 --------- d-----w c:\program files\Common Files\SourceTec 2009-01-08 21:10 --------- d-----w c:\program files\Ricochet - Infinity 2009-01-06 19:56 --------- d-----w c:\users\jacques\AppData\Roaming\Photo! 3D Album 2009-01-06 07:33 --------- d-----w c:\program files\AVS4YOU 2009-01-06 04:47 --------- d-----w c:\users\jacques\AppData\Roaming\Jasc 2009-01-06 04:46 --------- d-----w c:\program files\Jasc Software Inc 2009-01-06 04:37 --------- d-----w c:\program files\JanSoft 2009-01-06 04:28 --------- d-----w c:\program files\PhotoFiltre Studio 2009-01-04 07:55 --------- d-----w c:\users\jacques\AppData\Roaming\Babylon 2009-01-04 07:11 --------- d-----w c:\users\jacques\AppData\Roaming\GetRightToGo 2009-01-04 00:32 --------- d-----w c:\users\jacques\AppData\Roaming\Aventail 2009-01-03 21:30 --------- d-----w c:\program files\FreeGo 2009-01-03 10:33 --------- d-----w c:\program files\KC Softwares 2009-01-02 15:52 --------- d-----w c:\users\jacques\AppData\Roaming\AVS4YOU 2009-01-01 19:56 --------- d-----w c:\program files\Micro Application 2008-12-30 01:53 71,749 ----a-w c:\windows\hcextoutput.dll 2008-12-30 01:53 69,689 ----a-w c:\windows\UNZIP.DLL 2006-05-24 14:38 233,472 ----a-w c:\program files\mozilla firefox\plugins\CrazyTalk4Native.dll 2006-05-18 15:00 204,895 ----a-w c:\program files\mozilla firefox\plugins\ctdomemhelper.dll 2005-09-29 12:41 77,824 ----a-w c:\program files\mozilla firefox\plugins\ctframeplayerobject.dll 2006-05-18 14:59 426,081 ----a-w c:\program files\mozilla firefox\plugins\ctplayerobject.dll 2005-02-02 10:19 458,752 ----a-w c:\program files\mozilla firefox\plugins\imagickrt.dll 2006-04-10 16:35 139,264 ----a-w c:\program files\mozilla firefox\plugins\rlcontentclass.dll 2005-11-09 09:10 204,800 ----a-w c:\program files\mozilla firefox\plugins\RLMusicPacker.dll 2005-11-09 09:42 106,496 ----a-w c:\program files\mozilla firefox\plugins\RLMusicUnpacker.dll 2006-01-04 09:22 212,992 ----a-w c:\program files\mozilla firefox\plugins\RLVoicePacker.dll 2006-01-04 09:21 167,936 ----a-w c:\program files\mozilla firefox\plugins\RLVoiceUnpacker.dll 2008-12-16 16:52 61,440 ----a-w c:\program files\mozilla firefox\components\FFComm.dll 2008-04-22 16:44 122,880 ----a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll 2008-04-13 10:38 848 --sha-w c:\windows\System32\KGyGaAvL.sys . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920] "Integration de Cordial"="c:\program files\CORDIAL\DLL_32\INTEGRATION_CORDIAL.EXE" [2008-10-06 450632] "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936] "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-03-20 213936] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-15 3885408] "VistaStartMenu"="c:\program files\Vista Start Menu\VistaStartMenu.exe" [2008-07-09 1331200] "RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2008-12-25 160592] "Web Video Downloader"="c:\program files\SourceTec\Sothink Web Video Downloader Stand-alone\VideoDownloader.exe" [2008-11-24 3257616] "1&1 EasyLogin"="c:\program files\1&1\1&1 EasyLogin\EasyLogin.exe" [2009-02-13 2200576] "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-02-04 342848] "SEO Soft"="c:\stat(2)\stat.exe" [2009-02-24 581632] "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2008-11-07 95536] "SynapseUpdate"="c:\program files\Synapse Développement\Synapse Update\Synapse Update.exe" [2008-06-17 491520] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-04-22 29744] "WrtMon.exe"="c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe" [2006-09-20 20480] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-12-04 186904] "BDAgent"="c:\program files\BitDefender\BitDefender 2009\bdagent.exe" [2009-01-09 741376] "BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2009\IEShow.exe" [2008-10-17 69632] "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2008-11-07 54576] "Agent BanqueManager"="c:\program files\Banque 3.0 Manager\Bin\Bq30tna.exe" [2009-01-31 3587072] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-03 61440] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 c:\windows\KHALMNPR.Exe] c:\users\jacques\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ MemInfo.lnk.disabled [2008-09-14 1686] MSN Pictures Displayer.lnk - c:\program files\MSN Pictures Displayer\MSN Pictures Displayer.exe [2008-03-15 4571136] Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2008-10-12 3581680] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-02-26 809488] SetPointII.lnk - c:\program files\Logitech\SetPoint II\SetpointII.exe [2008-11-13 323584] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) "EnableLUA"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "SynchronousMachineGroupPolicy"= 0 (0x0) "SynchronousUserGroupPolicy"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoStrCmpLogical"= 1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoRecentDocsNetHood"= 1 (0x1) "NoResolveTrack"= 0 (0x0) "NoSMBalloonTip"= 1 (0x1) "NoWelcomeScreen"= 1 (0x1) "TaskbarNoNotification"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.mjpg"= pvmjpg30.dll "msacm.sl_anet"= c:\progra~1\ACEMEG~1\SystemS\sl_anet.acm "vidc.yv12"= c:\progra~1\ACEMEG~1\SystemS\ATI\atiyuv12.DLL "vidc.divx"= c:\progra~1\ACEMEG~1\SystemS\DivX\DivX520.dll "vidc.iyuv"= c:\progra~1\ACEMEG~1\SystemS\Intel\iyuv_32.dll "vidc.yvu9"= c:\progra~1\ACEMEG~1\SystemS\Intel\Iyvu9_32.dll "vidc.uyvy"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll "vidc.yuy2"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll "vidc.yvyu"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll "msacm.msaudio1"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msaud32.acm "msacm.iac2"= c:\progra~1\ACEMEG~1\SystemS\Intel\iac25_32.ax [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BDARemote.lnk] backup=c:\windows\pss\BDARemote.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk] backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^Users^jacques^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MSN Pictures Displayer.lnk] path=c:\users\jacques\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MSN Pictures Displayer.lnk backup=c:\windows\pss\MSN Pictures Displayer.lnk.Startup backupExtension=.Startup [HKLM\~\startupfolder\C:^Users^jacques^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Outil de notification Live Search.lnk] backup=c:\windows\pss\Outil de notification Live Search.lnk.Startup backupExtension=.Startup HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ulcjfne [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\1&1 EasyLogin] --------- 2009-02-13 15:45 2200576 c:\program files\1&1\1&1 EasyLogin\EasyLogin.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service] --a------ 2008-10-29 00:22 165144 c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor] --a------ 2008-10-29 00:29 961432 c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] --a------ 2008-10-15 01:04 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Agent Banque 3.0 Manager] --a------ 2009-01-31 19:04 3587072 c:\program files\Banque 3.0 Manager\Bin\Bq30tna.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Agent BanqueManager] --a------ 2009-01-31 19:04 3587072 c:\program files\Banque 3.0 Manager\Bin\Bq30tna.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD] --a------ 2008-03-28 16:33 1743808 c:\program files\SlySoft\AnyDVD\AnyDVDtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [bU] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray] --a------ 2006-09-28 20:21 57344 c:\program files\SlySoft\CloneCD\CloneCDTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart] --a------ 2008-05-19 20:32 5877760 c:\program files\eMule\emule.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser] --a------ 2007-12-23 00:03 916240 c:\program files\Eraser\Eraser.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Family Tree Builder Update] --a------ 2009-01-14 14:49 113680 c:\myheritage\Bin\FTBCheckUpdates.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanceurEasyBox] --a------ 2007-02-23 20:42 499699 c:\program files\EasyBox\EasyBox.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor] --a------ 2008-11-07 13:50 95536 c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2009-01-05 16:18 413696 c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SEO Soft] --a------ 2009-02-24 08:52 581632 c:\stat(2)\stat.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmsDiscount] --a------ 2008-09-15 17:23 8986936 c:\program files\SmsDiscount.com\SmsDiscount\SmsDiscount.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] -rahs---- 2009-01-26 15:31 2144088 c:\program files\Spybot - Search & Destroy\TeaTimer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC] --a------ 2009-02-03 22:21 61440 c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] --a------ 2008-11-11 11:01 136600 c:\program files\Java\jre6\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynapseUpdate] --a------ 2008-06-17 11:46 491520 c:\program files\Synapse Développement\Synapse Update\Synapse Update.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sync2] --a------ 2008-12-08 17:58 2807304 c:\program files\4Team Corporation\Sync2\Sync2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] --a------ 2008-12-09 11:12 234856 c:\program files\TomTom HOME 2\HOMERunner.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe] --a------ 2008-10-29 00:03 4375312 c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TweakVI] --a------ 2008-08-18 10:21 6034080 c:\program files\TweakVI\TweakVI.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2009] --a------ 2008-08-26 17:48 99624 c:\program files\Uniblue\RegistryBooster\StartRegistryBooster.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant] --a------ 2008-05-02 05:15 15872 c:\program files\Unlocker\UnlockerAssistant.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDRShortCut] --------- 2008-01-04 10:02 222504 c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] --a------ 2008-01-21 03:23 1008184 c:\program files\Windows Defender\MSASCui.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management] --a------ 2007-01-24 11:21 563080 c:\windows\WindowsMobile\wmdc.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] --a------ 2008-01-21 03:25 202240 c:\program files\Windows Media Player\wmpnscfg.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer] --a------ 2008-10-10 14:46 69632 c:\windows\KHALMNPR.Exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpAgent] OpAgent.exe [bU] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "<NO NAME>"= "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" "WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" "Windows Mobile Device Center"=%windir%\WindowsMobile\wmdc.exe "Windows Mobile-based device management"=%windir%\WindowsMobile\wmdc.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1320545634-427508009-685320544-1000] "EnableNotificationsRef"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{9C7868E3-3CD7-4B6F-9E8C-7F2B35D70C7E}"= UDP:990:LocalSubnet:LocalSubnet|IF={23F078B8-8EFF-4967-8CA6-F11BBC724676}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdc.exe,-4001 "{A0179BE3-2943-4253-9B0E-33BAA993B7BE}"= UDP:26675:LocalSubnet:LocalSubnet|IF={23F078B8-8EFF-4967-8CA6-F11BBC724676}:@%systemroot%\WindowsMobile\wmdc.exe,-4006 "{D80A629B-E0A0-4784-9338-9C01B6E3A711}"= UDP:999:LocalSubnet:LocalSubnet|IF={23F078B8-8EFF-4967-8CA6-F11BBC724676}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005 "{9587C78C-B3D3-49DE-B0C8-B788E1923AB5}"= UDP:5678:LocalSubnet:LocalSubnet|IF={23F078B8-8EFF-4967-8CA6-F11BBC724676}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004 "{7E5556C4-508B-4054-81A0-59AD8CBA3468}"= UDP:1034:LocalSubnet:LocalSubnet|IF={23F078B8-8EFF-4967-8CA6-F11BBC724676}:@%systemroot%\WindowsMobile\wmdc.exe,-4003 "{984ABB2D-8979-425C-9B16-406F630802D1}"= UDP:5721:LocalSubnet:LocalSubnet|IF={23F078B8-8EFF-4967-8CA6-F11BBC724676}:@%systemroot%\WindowsMobile\wmdc.exe,-4002 "{F4F0F587-6A8F-4515-8EAA-06E4398C0D66}"= UDP:26675:LocalSubnet:LocalSubnet|IF={41D93B04-5CB3-4886-AB27-4C19E0B52483}:@%systemroot%\WindowsMobile\wmdc.exe,-4006 "{1ED71D26-17BF-4548-B67C-DF88CB9639BD}"= UDP:999:LocalSubnet:LocalSubnet|IF={41D93B04-5CB3-4886-AB27-4C19E0B52483}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005 "{B67F03B0-71AB-429F-9024-F7FD44B15CDD}"= UDP:5678:LocalSubnet:LocalSubnet|IF={41D93B04-5CB3-4886-AB27-4C19E0B52483}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004 "{A85DFA2A-4097-4765-B0B9-E5FD24C877F7}"= UDP:1034:LocalSubnet:LocalSubnet|IF={41D93B04-5CB3-4886-AB27-4C19E0B52483}:@%systemroot%\WindowsMobile\wmdc.exe,-4003 "{8F500B56-6732-48E2-B80F-BECDDF175AFA}"= UDP:26675:LocalSubnet:LocalSubnet|IF={8D9AC832-E965-4DB8-A32A-43FB54289002}:@%systemroot%\WindowsMobile\wmdc.exe,-4006 "{C2DDEF97-7432-4BF0-9E4F-DBC9AE808FD2}"= UDP:999:LocalSubnet:LocalSubnet|IF={8D9AC832-E965-4DB8-A32A-43FB54289002}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005 "{9E7B07FA-D661-41A4-91A8-82B3B04308D3}"= UDP:5678:LocalSubnet:LocalSubnet|IF={8D9AC832-E965-4DB8-A32A-43FB54289002}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004 "{3A90038F-6B23-4D8E-B709-B3CBBB870AD0}"= UDP:1034:LocalSubnet:LocalSubnet|IF={8D9AC832-E965-4DB8-A32A-43FB54289002}:@%systemroot%\WindowsMobile\wmdc.exe,-4003 "{9EFD718D-E940-4769-886B-98A88A9EF897}"= UDP:26675:LocalSubnet:LocalSubnet|IF={8D9AC832-E965-4DB8-A32A-43FB54289002}:@%systemroot%\WindowsMobile\wmdc.exe,-4006 "{F3959967-FF18-4DD3-A1A6-CD2F7B95FD1D}"= UDP:999:LocalSubnet:LocalSubnet|IF={8D9AC832-E965-4DB8-A32A-43FB54289002}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005 "{EE157CEE-DE82-4200-8580-D7BCA96BB39A}"= UDP:5678:LocalSubnet:LocalSubnet|IF={8D9AC832-E965-4DB8-A32A-43FB54289002}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004 "{48B5C621-D083-41F2-BD5D-ED051D4C96DE}"= UDP:26675:LocalSubnet:LocalSubnet|IF={D15822B0-CEF0-4CCC-A985-DA3F22F5CD96}:@%systemroot%\WindowsMobile\wmdc.exe,-4006 "{7A56BDF3-2AC4-4561-99F5-005AFBC9EBA9}"= UDP:999:LocalSubnet:LocalSubnet|IF={D15822B0-CEF0-4CCC-A985-DA3F22F5CD96}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005 "{81564126-A615-40AC-A344-8974012ED03B}"= UDP:5678:LocalSubnet:LocalSubnet|IF={D15822B0-CEF0-4CCC-A985-DA3F22F5CD96}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004 "UDP Query User{5F3F678A-B976-4EBE-AFDE-E32FBD168DBE}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule "TCP Query User{0569C56C-C5DF-4844-A817-EEE08488D7E8}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule "{BC9E97A2-A4B2-42F1-A7BA-FA467CABF718}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "{A22C8D67-8239-4262-9F2C-B20991DBC31F}"= UDP:5721:LocalSubnet:LocalSubnet|IF={B2DCB384-BB03-4215-9A34-9F7393CC616C}:@%systemroot%\WindowsMobile\wmdc.exe,-4002 "{07A531C6-3FE1-4FFD-9F2F-A1292D02E73A}"= UDP:1034:LocalSubnet:LocalSubnet|IF={B2DCB384-BB03-4215-9A34-9F7393CC616C}:@%systemroot%\WindowsMobile\wmdc.exe,-4003 "{94E880DE-9DD7-4209-B654-47E1318741F6}"= UDP:5678:LocalSubnet:LocalSubnet|IF={B2DCB384-BB03-4215-9A34-9F7393CC616C}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004 "{94BA8307-FB18-494B-823E-52998D5766BA}"= UDP:999:LocalSubnet:LocalSubnet|IF={B2DCB384-BB03-4215-9A34-9F7393CC616C}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005 "{512C041F-1091-4B0D-A39D-433AFE79F3D4}"= UDP:26675:LocalSubnet:LocalSubnet|IF={B2DCB384-BB03-4215-9A34-9F7393CC616C}:@%systemroot%\WindowsMobile\wmdc.exe,-4006 "{A1B7E0B9-E90B-4E36-BA6D-E7BE2C38ED83}"= UDP:990:LocalSubnet:LocalSubnet|IF={B2DCB384-BB03-4215-9A34-9F7393CC616C}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdc.exe,-4001 "{CF53B334-A48E-4C90-A2E3-64657E53CF7B}"= c:\program files\CyberLink\PowerDirector\PDR.EXE:CyberLink PowerDirector "{51AE049E-BC01-4E57-9A52-32AB59CECF03}"= UDP:5721:LocalSubnet:LocalSubnet|IF={A34882EA-709D-4B47-8E28-08294710C51B}:@%systemroot%\WindowsMobile\wmdc.exe,-4002 "{BD184F56-62FD-4484-AC8E-1CB65108BC0F}"= UDP:1034:LocalSubnet:LocalSubnet|IF={A34882EA-709D-4B47-8E28-08294710C51B}:@%systemroot%\WindowsMobile\wmdc.exe,-4003 "{891522A3-FAC9-4963-886E-4A5A30192C9E}"= UDP:5678:LocalSubnet:LocalSubnet|IF={A34882EA-709D-4B47-8E28-08294710C51B}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004 "{B8380BC8-A847-438F-8BE2-2BCD7791D2DA}"= UDP:999:LocalSubnet:LocalSubnet|IF={A34882EA-709D-4B47-8E28-08294710C51B}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005 "{CF9ED899-2E05-4B14-8B32-B55929F7687A}"= UDP:26675:LocalSubnet:LocalSubnet|IF={A34882EA-709D-4B47-8E28-08294710C51B}:@%systemroot%\WindowsMobile\wmdc.exe,-4006 "{3224753E-60F3-4E44-83B8-769254658B50}"= UDP:990:LocalSubnet:LocalSubnet|IF={A34882EA-709D-4B47-8E28-08294710C51B}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdc.exe,-4001 "{D16E92C6-BBBE-40B6-99EA-89FEFD31871D}"= UDP:5721:LocalSubnet:LocalSubnet|IF={0AD3EBA3-34D3-4A3B-B553-540EEA71CD85}:@%systemroot%\WindowsMobile\wmdc.exe,-4002 "{AF860F04-DC96-440D-B22B-78B6A6D1B775}"= UDP:1034:LocalSubnet:LocalSubnet|IF={0AD3EBA3-34D3-4A3B-B553-540EEA71CD85}:@%systemroot%\WindowsMobile\wmdc.exe,-4003 "{978452AB-BAAD-405D-8EE3-3F8BC43050E6}"= UDP:5678:LocalSubnet:LocalSubnet|IF={0AD3EBA3-34D3-4A3B-B553-540EEA71CD85}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004 "{5E081708-A843-42EC-BBD3-A074C92A4B61}"= UDP:999:LocalSubnet:LocalSubnet|IF={0AD3EBA3-34D3-4A3B-B553-540EEA71CD85}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005 "{116DAC2E-86F4-45CD-B572-0FD127DE244C}"= UDP:26675:LocalSubnet:LocalSubnet|IF={0AD3EBA3-34D3-4A3B-B553-540EEA71CD85}:@%systemroot%\WindowsMobile\wmdc.exe,-4006 "{56AB9842-16F7-4356-B8DF-E33381CE6270}"= UDP:990:LocalSubnet:LocalSubnet|IF={0AD3EBA3-34D3-4A3B-B553-540EEA71CD85}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdc.exe,-4001 "{36D86D0A-14C6-42BA-8F04-5B26028C6BDB}"= UDP:c:\program files\SmsDiscount.com\SmsDiscount\SmsDiscount.exe:SmsDiscount "{96AA97F0-78D4-4BD3-830B-2A537D6B6F50}"= TCP:c:\program files\SmsDiscount.com\SmsDiscount\SmsDiscount.exe:SmsDiscount "{B8AC6D0A-1960-4DF5-9019-F968E6F3477E}"= UDP:c:\program files\SmsDiscount.com\SmsDiscount\SmsDiscount.exe:SmsDiscount "{65B322A1-3CC1-402A-BC9A-84981E543D0B}"= TCP:c:\program files\SmsDiscount.com\SmsDiscount\SmsDiscount.exe:SmsDiscount "{EE3B27B1-015E-4987-AFA9-2B33C6C3AB42}"= UDP:5900:vnc5900 "{450793F4-53B2-4BCB-AF18-87730A51CD63}"= UDP:5800:vnc5800 "{20D0B7FC-D699-4645-8A95-ED6CE3BBF332}"= UDP:c:\program files\UltraVNC\vncviewer.exe:vncviewer.exe "{AA239E3B-21A1-469F-9B33-1775C4900D07}"= TCP:c:\program files\UltraVNC\vncviewer.exe:vncviewer.exe "{B65154AD-0545-4F5E-BF24-6E9DB356D25E}"= UDP:c:\program files\Pinnacle\Studio 12\Programs\RM.exe:Render Manager "{45290354-54E2-41E0-B839-8FCF9E90B368}"= TCP:c:\program files\Pinnacle\Studio 12\Programs\RM.exe:Render Manager "{E775275F-E2F5-493C-972B-1AF08FAD1437}"= UDP:c:\program files\Pinnacle\Studio 12\Programs\Studio.exe:Studio "{965BA949-C426-4CF5-8A76-9C6022885668}"= TCP:c:\program files\Pinnacle\Studio 12\Programs\Studio.exe:Studio "{B2C4F9BF-3750-42F9-B48F-12FF667DF848}"= UDP:c:\program files\Pinnacle\Studio 12\Programs\umi.exe:umi "{88C88D86-62D0-42D4-8ADB-266914D10157}"= TCP:c:\program files\Pinnacle\Studio 12\Programs\umi.exe:umi "{80F7876E-4BAC-4BF1-802D-394E2FAC4F81}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp "{5046F2D2-5DD4-4226-BF7C-59A09B94533E}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp "{78A386AA-FC73-4EDC-9569-8804B911D31B}"= UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice "{4C3FCDCF-8051-4D70-ADDC-1B70F3BA6F68}"= TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice "{C5C562B3-DB6D-4E56-B148-2A62D873020D}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{AC49E56B-E05A-4251-8AED-AB154CACC17C}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{A612685A-87AC-4D50-BA59-134D10608439}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In) "{357020E3-3FBB-4AB4-8F7E-A86E1F3E314A}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In) "TCP Query User{16225431-C1FF-4DD0-8DA7-5BBB4227F3D7}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMuleMorphXT "UDP Query User{9A273C64-1EB2-4209-8D4D-92AD9DC4642C}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMuleMorphXT "{F4766DAA-37B1-4DBA-9210-748C59A84644}"= UDP:c:\program files\BitTorrent\BitTorrent.exe:BitTorrent (TCP-In) "{951915D1-1D92-462F-832B-6FA6E1B3703A}"= TCP:c:\program files\BitTorrent\BitTorrent.exe:BitTorrent (UDP-In) "{E6CEEEAF-3C3C-48C3-97BF-2D3785DC36DB}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync "{D49BD31F-382E-4AA5-AED9-0A6E44E8CBD8}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List] "c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent R0 pe3aqb2b;Lettriq Environment Driver (pe3aqb2b);c:\windows\System32\drivers\pe3aqb2b.sys [2008-06-06 68720] R0 pf2aqb2b;Lettriq File System Driver (pf2aqb2b);c:\windows\System32\drivers\pf2aqb2b.sys [2008-06-06 83568] R0 snapman380;Acronis Snapshots Manager (Build 380);c:\windows\System32\drivers\snman380.sys [2008-11-07 134272] R0 tdrpman147;Acronis Try&Decide and Restore Points filter (build 147);c:\windows\System32\drivers\tdrpm147.sys [2008-11-07 971232] R1 Odptdi;Odptdi;c:\windows\System32\drivers\odptdi.sys [2008-09-21 46744] R2 BDVEDISK;BDVEDISK;c:\program files\BitDefender\BitDefender 2009\BDVEDISK.sys [2008-10-06 82696] R3 bdfm;BDFM;c:\windows\System32\drivers\bdfm.sys [2008-09-18 111112] R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\System32\drivers\bdfndisf.sys [2008-10-17 104328] S3 Arrakis3;BitDefender Arrakis Server;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784] S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2008-03-16 29744] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc bdx REG_MULTI_SZ scan bthsvcs REG_MULTI_SZ BthServ WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e77fbd4-1148-11dd-82d0-0019d1387982}] \shell\AutoRun\command - H:\InstallTomTomHOME.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{558fb7f8-f3f4-11dc-967a-0019d1387982}] \shell\AutoRun\command - F:\start.exe \shell\FramaKey\command - F:\start.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56e1763e-03ae-11dd-9bc3-0019d1387982}] \shell\AutoRun\command - E:\PortableRoboForm.exe \shell\RoboForm2Go\command - E:\PortableRoboForm.exe . Contenu du dossier 'Tâches planifiées' 2009-03-01 c:\windows\Tasks\User_Feed_Synchronization-{1E742D1F-C241-4604-92B9-3F1165097C90}.job - c:\windows\system32\msfeedssync.exe [2008-01-21 03:25] . - - - - ORPHELINS SUPPRIMES - - - - WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file) . ------- Examen supplémentaire ------- . uStart Page = about:blank uInternet Settings,ProxyOverride = *.local IE: &Point&&Go - c:\program files\Common Files\Expert System\PGPlatform\PGPlatform.htm IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Barre RoboForm IE: Consulter les dictionnaires (SYSTRAN) IE: E&xporter vers Microsoft Excel IE: Enregistrer le formulaire IE: Personnaliser le menu IE: Remplir le formulaire IE: Sothink SWF Catcher IE: Traduire (SYSTRAN) IE: {{FBF9D685-BF2D-4337-9865-A4F86CC8A8CA} - c:\program files\SWF To Video Scout PRO\flashextract.exe Trusted Zone: secuser.com\www TCP: {C0A72E0C-7647-4816-BAC9-1DAEBFB2FD5F} = 212.27.40.241,212.27.40.240 FF - ProfilePath - c:\users\jacques\AppData\Roaming\Mozilla\Firefox\Profiles\bbvnnig1.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1434207&SearchSource=3&q= FF - prefs.js: browser.startup.homepage - chrome://fastdial/content/fastdial.html FF - component: c:\program files\Mozilla Firefox\components\FFComm.dll FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll FF - component: c:\users\jacques\AppData\Roaming\Mozilla\Firefox\Profiles\bbvnnig1.default\extensions\{a6e4a4eb-d169-4e99-8988-250fcbafe767}\components\FFAlert.dll FF - component: c:\users\jacques\AppData\Roaming\Mozilla\Firefox\Profiles\bbvnnig1.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll FF - plugin: c:\program files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nppl3260.dll FF - plugin: c:\program files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npgcplug.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npornap.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npracplug.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npRLCT4Player.dll FF - plugin: c:\program files\Photosynth\npPhotosynthMozilla.dll FF - plugin: c:\program files\Picasa2\npPicasa2.dll FF - plugin: c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll FF - plugin: c:\program files\Virtual Earth 3D\npVE3D.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: c:\users\jacques\AppData\Roaming\Mozilla\plugins\npPxPlay.dll . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-03-01 16:05:48 Windows 6.0.6001 Service Pack 1 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... c:\users\jacques\AppData\Local\Temp\wmplog00.sqm 1394 bytes c:\windows\TEMP\TMP0000001F7CC35786DF762898 524288 bytes executable ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-1320545634-427508009-685320544-1000_Classes\Software\CLASSES\CLSID\{15A8C73A-AC8B-AB90-FA5B-22A50E7BCCD4}*\InprocServer32] "{15A8C73A-AC8B-AB90-FA5B-22A50E7BCCD4}"=hex:29,57,45,94,9e,c9,81,2a,84,d2,e2, 15,f3,7e,da,d8,ea,7d,02,0a,61,58,9a,6f,29,57,45,94,9e,c9,81,2a,29,57,45,94,\ [HKEY_USERS\S-1-5-21-1320545634-427508009-685320544-1000_Classes\Software\CLASSES\CLSID\{47AB14AF-EC26-A6A0-A0C8-EA858301596D}*\InprocServer32] "{47AB14AF-EC26-A6A0-A0C8-EA858301596D}"=hex:3d,9d,7a,33,aa,28,ba,6d,94,df,b2, 56,81,37,3f,31,50,fc,8a,be,ce,d8,ea,b8,3d,9d,7a,33,aa,28,ba,6d,3d,9d,7a,33,\ [HKEY_USERS\S-1-5-21-1320545634-427508009-685320544-1000_Classes\Software\CLASSES\CLSID\{521DDAEA-357E-348D-529F-69C86B079B88}*\InprocServer32] "{521DDAEA-357E-348D-529F-69C86B079B88}"=hex:ff,7a,aa,c2,31,a5,04,49,00,1c,0d, 03,ca,ea,af,52,b1,a7,d8,e1,33,7e,46,3e,ff,7a,aa,c2,31,a5,04,49,ff,7a,aa,c2,\ [HKEY_USERS\S-1-5-21-1320545634-427508009-685320544-1000_Classes\Software\CLASSES\CLSID\{6350E045-29B0-F0FE-EBCA-E045A6A7B899}*\InprocServer32] "{6350E045-29B0-F0FE-EBCA-E045A6A7B899}"=hex:2d,f8,7e,32,4d,1c,7c,ed,5a,91,b4, c1,3f,26,c7,c5,af,43,13,78,6a,12,18,ae,2d,f8,7e,32,4d,1c,7c,ed,2d,f8,7e,32,\ [HKEY_USERS\S-1-5-21-1320545634-427508009-685320544-1000_Classes\Software\CLASSES\CLSID\{646939D8-B81B-3B2C-D44B-2DBE28BA332C}*\InprocServer32] "{646939D8-B81B-3B2C-D44B-2DBE28BA332C}"=hex:14,6a,41,14,ce,e9,2d,20,50,f9,f2, 21,b7,31,d4,df,42,4c,4e,8d,45,fa,b6,f4,14,6a,41,14,ce,e9,2d,20,14,6a,41,14,\ [HKEY_USERS\S-1-5-21-1320545634-427508009-685320544-1000_Classes\Software\CLASSES\CLSID\{7D372500-BE9C-A90E-A9DC-9F5CD5F5E5D3}*\InprocServer32] "{7D372500-BE9C-A90E-A9DC-9F5CD5F5E5D3}"=hex:24,9f,4f,39,04,65,56,d9,d3,69,73, 4a,ec,12,9f,59,bd,5b,5d,a7,62,a0,e8,87,24,9f,4f,39,04,65,56,d9,24,9f,4f,39,\ [HKEY_USERS\S-1-5-21-1320545634-427508009-685320544-1000_Classes\Software\CLASSES\CLSID\{AF7FA460-04D3-E351-6437-62AB14805DAA}*\InprocServer32] "{AF7FA460-04D3-E351-6437-62AB14805DAA}"=hex:ea,93,b6,11,8a,4a,ed,ef,b7,24,6d, b5,cd,77,ce,6a,96,b1,75,e3,b4,6e,1a,37,ea,93,b6,11,8a,4a,ed,ef,ea,93,b6,11,\ [HKEY_USERS\S-1-5-21-1320545634-427508009-685320544-1000_Classes\Software\CLASSES\CLSID\{C6EFFA37-DE45-CE36-AF2E-00D9541B4AA8}*\InprocServer32] "{C6EFFA37-DE45-CE36-AF2E-00D9541B4AA8}"=hex:56,a0,78,b6,7d,ee,27,a8,7f,59,48, 65,26,0d,c3,f1,e0,6d,c5,30,c7,35,c2,de,56,a0,78,b6,7d,ee,27,a8,56,a0,78,b6,\ [HKEY_USERS\S-1-5-21-1320545634-427508009-685320544-1000_Classes\Software\CLASSES\CLSID\{DDB7BF1A-39F1-3D9A-CE48-315AFA240514}*\InprocServer32] "{DDB7BF1A-39F1-3D9A-CE48-315AFA240514}"=hex:bf,a7,07,c1,12,e0,8b,04,4c,86,f1, a2,c2,5e,5d,4a,b5,85,de,4a,f6,08,58,8e,bf,a7,07,c1,12,e0,8b,04,bf,a7,07,c1,\ [HKEY_USERS\S-1-5-21-1320545634-427508009-685320544-1000_Classes\Software\CLASSES\CLSID\{F8655D1C-88FE-9861-F9E2-BFD4158045C0}*\InprocServer32] "{F8655D1C-88FE-9861-F9E2-BFD4158045C0}"=hex:ce,73,72,e9,4b,1e,88,68,dc,b6,1b, ba,92,aa,6a,75,68,fb,88,73,92,a1,c5,99,ce,73,72,e9,4b,1e,88,68,ce,73,72,e9,\ . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'Explorer.exe'(12788) c:\program files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll c:\program files\SourceTec\Sothink Web Video Downloader Stand-alone\VideoDownloader.dll c:\program files\Cordial\DLL_32\HookCordial.dll c:\program files\Stardock\ObjectDock\DockShellHook.dll c:\program files\Logitech\SetPoint\lgscroll.dll c:\program files\Vista Start Menu\VistaStartMenu.dll c:\windows\system32\pnidui.dll c:\program files\mes données\OSE.dll c:\program files\mes données\MOSAIC.dll c:\program files\Microsoft Virtual PC\VPCShExH.DLL . ------------------------ Autres processus actifs ------------------------ . c:\program files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe c:\program files\BitDefender\BitDefender 2009\vsserv.exe c:\windows\System32\Ati2evxx.exe c:\program files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe c:\windows\System32\audiodg.exe c:\windows\System32\Ati2evxx.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe c:\program files\Common Files\microsoft shared\VS7DEBUG\mdm.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Xobni\XobniService.exe c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe c:\windows\System32\WUDFHost.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe c:\windows\System32\spool\drivers\w32x86\3\WrtProc.exe c:\program files\Common Files\logishrd\KHAL2\KHALMNPR.exe c:\program files\BitDefender\BitDefender 2009\seccenter.exe c:\combofix\hidec.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe c:\windows\System32\msiexec.exe c:\combofix\Catchme.tmp . ************************************************************************** . Heure de fin: 2009-03-01 16:18:56 - La machine a redémarré [jacques] ComboFix-quarantined-files.txt 2009-03-01 15:17:19 Avant-CF: 74,275,450,880 octets libres Après-CF: 74,269,917,184 octets libres 654 --- E O F --- 2009-02-28 05:55:03
- le 1 mars 2009
- 15 réponses
pc lent

jg92 a répondu à un(e) sujet de jg92 dans Analyses et éradication malwares

Bonjour, Voici le rapport et merci de votre attention. ComboFix 09-02-27.02 - jacques 2009-03-01 7:49:04.2 - NTFSx86 Microsoft® Windows Vista™ Professionnel 6.0.6001.1.1252.1.1036.18.3069.2096 [GMT 1:00] Lancé depuis: c:\users\jacques\Desktop\ComboFix.exe AV: BitDefender Antivirus *On-access scanning disabled* (Updated) FW: Pare-feu BitDefender *disabled* . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Exécution préalable ------- . c:\users\jacques\AppData\Roaming\.# c:\windows\patch.exe . ((((((((((((((((((((((((((((( Fichiers créés du 2009-02-01 au 2009-03-01 )))))))))))))))))))))))))))))))))))) . 2009-02-28 17:36 . 2009-02-28 17:37 <REP> d-------- C:\rsit 2009-02-28 08:31 . 2009-02-28 17:21 <REP> d--h-c--- c:\users\All Users\{51019853-129C-4EDE-9030-D5FD7BBD9AD0} 2009-02-28 08:31 . 2009-02-28 17:21 <REP> d--h-c--- c:\programdata\{51019853-129C-4EDE-9030-D5FD7BBD9AD0} 2009-02-28 08:00 . 2009-02-28 08:00 <REP> d-------- c:\users\jacques\The Magic Folder 2009-02-28 07:55 . 2009-02-28 07:55 <REP> d--hs---- C:\Boot 2009-02-26 18:40 . 2009-02-26 18:40 <REP> d-------- c:\users\All Users\ATI 2009-02-26 18:40 . 2009-02-26 18:40 <REP> d-------- c:\programdata\ATI 2009-02-26 14:12 . 2009-02-26 14:12 <REP> d-------- c:\program files\Driver-Soft 2009-02-26 14:12 . 2007-09-02 20:56 1,686,016 --a------ c:\windows\System32\clinetsuitex6.ocx 2009-02-26 14:12 . 2004-06-14 14:56 427,864 --a------ c:\windows\System32\XceedZip.dll 2009-02-26 09:45 . 2009-02-26 09:46 <REP> d-------- c:\program files\Valentine Musicbox 3D Screensaver 2009-02-26 09:45 . 2009-02-18 16:40 21,717,504 --a------ c:\windows\System32\Valentine Musicbox 3D Screensaver.exe 2009-02-26 09:45 . 2009-02-18 17:46 1,041,920 --a------ c:\windows\System32\Valentine_Musicbox_3D_Screensaver.scr 2009-02-24 08:58 . 2009-02-24 09:03 <REP> d-------- c:\program files\Luxand 2009-02-24 08:57 . 2009-02-24 08:57 <REP> d-------- C:\Gst 2009-02-23 23:17 . 2009-02-23 23:17 <REP> d-------- c:\program files\Debugmode 2009-02-23 23:17 . 2009-02-23 23:17 <REP> d-------- c:\program files\Common Files\debugmode 2009-02-23 23:08 . 2009-02-23 23:09 <REP> d-------- C:\Mng 2009-02-23 22:37 . 2009-02-23 22:37 1,496,576 ---h----- c:\windows\System32\wodfamop.dll 2009-02-23 22:36 . 2009-02-23 23:08 <REP> d-------- c:\program files\Digital Photo Software 2009-02-23 16:46 . 2009-02-23 18:17 815 --a------ C:\rtsr_eml_sr.dat 2009-02-23 16:46 . 2009-02-23 18:17 128 --a------ C:\dwl.dat 2009-02-23 16:27 . 2009-02-23 16:27 16 --a------ C:\asdict.dat 2009-02-22 17:04 . 2009-02-22 17:04 <REP> d-------- c:\program files\UnH Solutions 2009-02-22 16:24 . 2009-02-23 22:03 <REP> d-------- c:\program files\FaceMorpher 2009-02-22 15:36 . 2009-02-22 16:12 <REP> d-------- c:\program files\FaceMorpher Lite 2009-02-22 15:01 . 2009-02-22 15:01 <REP> d-------- c:\users\jacques\AppData\Roaming\Malwarebytes 2009-02-22 15:01 . 2009-02-22 15:01 <REP> d-------- c:\users\All Users\Malwarebytes 2009-02-22 15:01 . 2009-02-22 15:01 <REP> d-------- c:\programdata\Malwarebytes 2009-02-22 15:01 . 2009-02-22 15:01 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware 2009-02-22 15:01 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys 2009-02-22 15:01 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys 2009-02-22 10:20 . 2009-02-22 15:21 <REP> d-------- c:\program files\Caricature Software 2009-02-19 21:30 . 2009-02-19 21:30 <REP> d-------- c:\program files\MailControl 2009-02-19 21:30 . 2005-11-16 17:37 167,936 --a------ c:\windows\System32\Mcontrolxp32.dll 2009-02-19 21:30 . 2004-07-08 18:33 49,152 --a------ c:\windows\System32\AOMTrace.dll 2009-02-15 20:45 . 2009-02-15 20:46 <REP> d-------- c:\users\jacques\Library 2009-02-15 20:37 . 2009-02-15 20:51 <REP> d-------- c:\users\jacques\AppData\Roaming\calibre 2009-02-15 16:09 . 2009-02-15 16:15 <REP> d-------- c:\program files\Photosynth 2009-02-15 10:36 . 2009-03-01 07:29 401,900,409 --a------ c:\windows\MEMORY.DMP 2009-02-15 07:18 . 2009-02-15 07:18 <REP> d-------- c:\program files\Microsoft Office Outlook Connector 2009-02-14 18:47 . 2009-02-14 18:47 43 --a------ c:\windows\gswin32.ini 2009-02-14 18:43 . 2009-02-14 18:43 <REP> d-------- c:\program files\gs 2009-02-14 16:32 . 2009-02-14 18:11 <REP> d-------- c:\program files\IrfanView 2009-02-13 18:29 . 2009-02-13 18:29 <REP> d-------- c:\program files\Turtix 2 - Rescue Adventures 2009-02-11 07:18 . 2009-01-15 04:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb 2009-02-11 07:18 . 2009-01-15 07:11 827,392 --a------ c:\windows\System32\wininet.dll 2009-02-10 20:37 . 2009-02-10 20:37 <REP> d-------- c:\users\jacques\AppData\Roaming\System Tweaker 2009-02-10 20:30 . 2009-02-10 20:30 <REP> d-------- c:\program files\Jufsoft 2009-02-10 19:40 . 2009-02-28 17:23 <REP> d-------- c:\users\jacques\AppData\Roaming\Uniblue 2009-02-10 19:39 . 2009-02-28 17:21 <REP> d-------- c:\program files\Uniblue 2009-02-10 19:38 . 2009-02-10 19:39 <REP> d--h-c--- c:\users\All Users\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185} 2009-02-10 19:38 . 2009-02-10 19:39 <REP> d--h-c--- c:\programdata\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185} 2009-02-08 19:34 . 2009-02-13 17:26 <REP> d-------- c:\program files\Common Files\muvee Technologies 2009-02-08 19:33 . 2007-02-08 19:30 1,079,808 --a------ c:\windows\System32\mfc80u.dll 2009-02-08 19:33 . 2007-02-08 19:30 626,688 --a------ c:\windows\System32\msvcr80.dll 2009-02-08 19:33 . 2007-02-08 19:30 548,864 --a------ c:\windows\System32\msvcp80.dll 2009-02-08 19:33 . 2007-02-08 19:30 95,744 --a------ c:\windows\System32\atl80.dll 2009-02-08 10:13 . 2009-02-08 10:13 <REP> d--h----- c:\program files\InstallJammer Registry 2009-02-08 10:13 . 2009-02-08 10:13 <REP> d-------- c:\program files\calibre 2009-02-08 10:09 . 2009-02-27 09:08 <REP> d-------- C:\DSynchronize 2009-02-07 08:42 . 2009-02-04 20:58 51,622,242 --a------ c:\users\Public\codec-video-PRO.exe 2009-02-07 08:02 . 2009-02-07 08:05 25,839,688 --a------ c:\users\Public\wmp11-windowsxp-x86-FR-FR.exe 2009-02-06 19:39 . 2009-02-06 19:39 308,600 --a------ c:\windows\WLXPGSS.SCR 2009-02-06 18:52 . 2009-02-06 18:52 49,504 --a------ c:\windows\System32\sirenacm.dll 2009-02-04 23:42 . 2009-02-05 07:45 <REP> d-------- c:\program files\BitTorrent 2009-02-04 23:29 . 2009-02-28 19:18 <REP> d-------- c:\users\jacques\AppData\Roaming\BitTorrent 2009-02-04 21:18 . 2003-08-18 05:10 122,880 --a------ c:\windows\System32\directx.cpl 2009-02-04 21:18 . 2003-03-25 05:49 106,544 --a------ c:\windows\System32\tweakui.cpl 2009-02-04 21:18 . 2003-03-25 05:49 98,304 --a------ c:\windows\System32\startup.cpl 2009-02-04 21:18 . 2004-02-17 10:11 53,248 --a------ c:\windows\System32\vp6dec_settings.cpl 2009-02-04 21:18 . 2003-03-25 05:49 51,238 --a------ c:\windows\System32\tweakui.hlp 2009-02-04 21:17 . 2009-02-04 21:18 <REP> d-------- c:\program files\ACE Mega CoDecS Pack 2009-02-04 21:03 . 2009-03-01 07:45 <REP> d-------- c:\users\jacques\AppData\Roaming\DNA 2009-02-04 21:03 . 2009-03-01 07:34 <REP> d-------- c:\program files\DNA 2009-02-04 20:39 . 2009-02-04 20:46 8,256,292 --a------ c:\users\Public\eMulev0.49a.-MorphXTv11.0-installer.exe 2009-02-04 19:21 . 2009-02-04 19:21 <REP> d-------- c:\program files\AnmSMP 2009-02-04 08:29 . 2009-02-04 08:29 4,303,360 --a------ c:\windows\System32\drivers\atikmdag.sys 2009-02-04 06:02 . 2009-02-04 06:02 442,368 --a------ c:\windows\System32\ATIDEMGX.dll 2009-02-04 06:00 . 2009-02-04 06:00 274,432 --a------ c:\windows\System32\Oemdspif.dll 2009-02-04 06:00 . 2009-02-04 06:00 43,520 --a------ c:\windows\System32\ati2edxx.dll 2009-02-04 06:00 . 2009-02-04 06:00 11,264 --a------ c:\windows\System32\atimuixx.dll 2009-02-04 05:59 . 2009-02-04 05:59 286,720 --a------ c:\windows\System32\Ati2evxx.dll 2009-02-04 05:58 . 2009-02-04 05:58 729,088 --a------ c:\windows\System32\Ati2evxx.exe 2009-02-04 05:21 . 2009-02-04 05:21 121,808 --a------ c:\windows\System32\atiumdva.cap 2009-02-04 05:11 . 2009-02-04 05:11 11,366,400 --a------ c:\windows\System32\atioglxx.dll 2009-02-04 05:07 . 2009-02-04 05:07 131,072 --a------ c:\windows\System32\atiadlxx.dll 2009-02-04 05:07 . 2009-02-04 05:07 51,712 --a------ c:\windows\System32\amdpcom32.dll 2009-02-04 04:53 . 2009-02-04 04:53 53,248 --a------ c:\windows\System32\drivers\ati2erec.dll 2009-02-04 04:01 . 2009-02-04 04:01 57,344 --a------ c:\windows\System32\aticalrt.dll 2009-02-04 04:01 . 2009-02-04 04:01 53,248 --a------ c:\windows\System32\aticalcl.dll 2009-02-04 03:58 . 2009-02-04 03:58 3,252,224 --a------ c:\windows\System32\aticaldd.dll 2009-02-02 20:05 . 2009-02-02 20:05 <REP> d-------- c:\program files\cemail 2009-02-02 05:40 . 2009-02-02 13:09 <REP> d-------- c:\program files\InstStudioScrap-Kit-St-Valentin 2009-02-02 05:01 . 2009-02-02 05:10 <REP> d-------- c:\users\All Users\Studio-Scrap2 2009-02-02 05:01 . 2009-02-02 05:10 <REP> d-------- c:\programdata\Studio-Scrap2 2009-02-01 17:31 . 2009-02-02 05:32 <REP> d-------- c:\users\jacques\AppData\Roaming\Studio-Scrap2 2009-02-01 17:30 . 2009-02-02 07:41 <REP> d-------- c:\program files\Studio-Scrap 2009-02-01 16:35 . 2009-02-02 05:46 <REP> d-------- c:\program files\InstStudio-Scrap 2009-02-01 16:21 . 2009-02-01 16:22 172 --a------ c:\windows\MyHeritage.INI 2009-02-01 16:18 . 2009-02-01 16:18 <REP> d-------- c:\users\jacques\AppData\Roaming\MyHeritage 2009-02-01 16:18 . 2009-02-01 16:22 <REP> d-------- c:\users\All Users\MyHeritage 2009-02-01 16:18 . 2009-02-01 16:22 <REP> d-------- c:\programdata\MyHeritage 2009-02-01 16:16 . 2009-02-01 16:16 <REP> d-------- c:\users\jacques\AppData\Roaming\The Complete Genealogy Reporter - FTB 2009-02-01 16:16 . 2009-02-01 16:16 <REP> d-------- C:\MyHeritage 2009-02-01 16:16 . 2002-03-07 01:19 454,656 --a------ c:\windows\System32\PaintX.dll 2009-02-01 16:16 . 2003-07-06 14:07 372,736 --a------ c:\windows\System32\ijl15.dll 2009-02-01 08:04 . 2009-02-01 08:04 <REP> d-------- c:\program files\Artisteer 2 (Beta) 2009-02-01 07:55 . 2008-06-20 02:14 781,344 --a------ c:\windows\System32\PresentationNative_v0300.dll 2009-02-01 07:55 . 2008-06-20 02:14 622,080 --a------ c:\windows\System32\icardagt.exe 2009-02-01 07:55 . 2008-06-20 02:14 326,160 --a------ c:\windows\System32\PresentationHost.exe 2009-02-01 07:55 . 2008-06-20 02:14 105,016 --a------ c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll 2009-02-01 07:55 . 2008-06-20 02:14 97,800 --a------ c:\windows\System32\infocardapi.dll 2009-02-01 07:55 . 2008-06-20 02:14 43,544 --a------ c:\windows\System32\PresentationHostProxy.dll 2009-02-01 07:55 . 2008-06-20 02:14 37,384 --a------ c:\windows\System32\infocardcpl.cpl 2009-02-01 07:55 . 2008-06-20 02:14 11,264 --a------ c:\windows\System32\icardres.dll 2009-02-01 07:39 . 2008-07-27 19:03 282,112 --a------ c:\windows\System32\mscoree.dll 2009-02-01 07:39 . 2008-07-27 19:03 158,720 --a------ c:\windows\System32\mscorier.dll 2009-02-01 07:39 . 2008-07-27 19:03 96,760 --a------ c:\windows\System32\dfshim.dll 2009-02-01 07:39 . 2008-07-27 19:03 41,984 --a------ c:\windows\System32\netfxperf.dll 2009-02-01 07:38 . 2008-07-27 19:03 83,968 --a------ c:\windows\System32\mscories.dll 2009-02-01 01:15 . 2009-02-01 01:15 <REP> d-------- c:\users\jacques\AppData\Roaming\Artisteer 2009-02-01 01:14 . 2009-02-01 08:03 <REP> d-------- c:\program files\Artisteer . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-03-01 06:53 81,984 ----a-w c:\windows\System32\bdod.bin 2009-03-01 06:46 --------- d---a-w c:\programdata\TEMP 2009-03-01 06:44 --------- d-----w c:\programdata\Google Updater 2009-02-28 22:09 --------- d-----w c:\users\jacques\AppData\Roaming\MSN Pictures Displayer 2009-02-28 16:26 --------- d-----w c:\users\jacques\AppData\Roaming\MailWasherPro 2009-02-28 07:04 --------- d-----w c:\users\jacques\AppData\Roaming\Vista Start Menu 2009-02-28 06:56 --------- d-----w c:\program files\Microsoft Silverlight 2009-02-28 01:28 --------- d-----w c:\program files\Common Files\Wise Installation Wizard 2009-02-28 01:27 --------- d-----w c:\users\jacques\AppData\Roaming\SUPERAntiSpyware.com 2009-02-27 20:36 --------- d-----w c:\users\jacques\AppData\Roaming\GrabIt 2009-02-26 17:51 --------- d-----w c:\program files\ATI 2009-02-26 17:15 --------- d--h--w c:\program files\InstallShield Installation Information 2009-02-26 16:42 --------- d-----w c:\program files\ATI Technologies 2009-02-26 12:08 --------- d-----w c:\program files\Cordial 2009-02-26 08:46 --------- d-----w c:\program files\3Planesoft Screensaver Manager 2009-02-24 19:39 --------- d-----w c:\program files\Morpheus Photo Animation Suite 2009-02-24 17:55 --------- d-----w c:\program files\Abrosoft 2009-02-24 02:02 --------- d-----w c:\programdata\Microsoft Help 2009-02-23 17:17 132 ----a-w C:\httpdwl.dat 2009-02-23 17:13 --------- d-----w c:\users\jacques\AppData\Roaming\FileZilla 2009-02-22 18:45 --------- d-----w c:\users\jacques\AppData\Roaming\Desktopicon 2009-02-22 08:26 --------- d-----w c:\program files\MSECache 2009-02-20 00:05 --------- d-----w c:\program files\eMule 2009-02-19 17:02 --------- d-----w c:\program files\EasyBox 2009-02-19 12:18 --------- d-----w c:\programdata\SlySoft 2009-02-19 12:15 --------- d-----w c:\program files\SlySoft 2009-02-18 10:37 659,456 ----a-w c:\windows\System32\3Planesoft_Screensaver_Manager.scr 2009-02-18 06:41 --------- d-----w c:\program files\Banque 3.0 Manager 2009-02-16 20:35 --------- d-----w c:\program files\FileZilla Client 2009-02-15 04:26 --------- d-----w c:\program files\Microsoft 2009-02-14 17:13 --------- d-----w c:\program files\iPod 2009-02-14 11:14 --------- d-----w c:\programdata\Spybot - Search & Destroy 2009-02-14 11:13 --------- d-----w c:\program files\Spybot - Search & Destroy 2009-02-13 12:18 --------- d-----w c:\program files\OLYMPUS 2009-02-12 02:01 --------- d-----w c:\program files\Windows Mail 2009-02-04 20:20 --------- d-----w c:\program files\QuickTime 2009-02-04 20:13 --------- d-----w c:\program files\DivX 2009-02-04 05:00 348,160 ----a-w c:\windows\System32\atipdlxx.dll 2009-02-04 05:00 159,744 ----a-w c:\windows\System32\atitmmxx.dll 2009-02-04 04:43 3,903,488 ----a-w c:\windows\System32\atiumdag.dll 2009-02-04 04:22 4,905,472 ----a-w c:\windows\System32\atiumdva.dll 2009-02-02 19:19 --------- d-----w c:\program files\Free-info 2009-02-02 19:12 --------- d-----w c:\program files\Passbox2007 2009-01-31 21:38 --------- d-----w c:\programdata\BitDefender 2009-01-31 21:26 --------- d-----w c:\users\jacques\AppData\Roaming\BitDefender 2009-01-31 21:26 --------- d-----w c:\program files\BitDefender 2009-01-31 21:25 --------- d-----w c:\program files\Common Files\BitDefender 2009-01-31 03:17 91,744 ----a-w c:\windows\BPMNT.dll 2009-01-31 03:17 1,213,784 ----a-w c:\windows\vsapi32.dll 2009-01-29 20:54 --------- d-----w c:\programdata\Ulead Systems 2009-01-29 09:07 --------- d-----w c:\users\jacques\AppData\Roaming\Apple Computer 2009-01-29 08:42 --------- d-----w c:\users\jacques\AppData\Roaming\Avanquest 2009-01-29 08:42 --------- d-----w c:\programdata\BVRP Software 2009-01-29 08:42 --------- d-----w c:\programdata\Avanquest 2009-01-29 08:41 --------- d-----w c:\program files\Avanquest 2009-01-28 17:23 --------- d-----w c:\program files\CCleaner 2009-01-28 16:55 --------- d-----w c:\program files\Bonjour 2009-01-27 21:04 --------- d-----w c:\users\jacques\AppData\Roaming\ATI 2009-01-27 20:06 --------- d-----w c:\program files\DIFX 2009-01-27 20:06 --------- d-----w c:\program files\Common Files\ATI Technologies 2009-01-27 20:03 --------- d-----w c:\program files\USB TV 2009-01-27 19:36 --------- d-----w c:\program files\Intel 2009-01-27 19:18 --------- d-----w c:\program files\Logitech 2009-01-27 19:15 --------- d-----w c:\programdata\Logishrd 2009-01-27 17:45 --------- d-----w c:\program files\ma-config.com 2009-01-27 17:44 --------- d-----w c:\programdata\ma-config.com 2009-01-27 08:04 --------- d-----w c:\users\jacques\AppData\Roaming\GoodSync 2009-01-25 17:56 --------- d-----w c:\program files\Recover Keys 2009-01-25 14:59 --------- d-----w c:\program files\Samsung 2009-01-25 14:17 --------- d-----w c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} 2009-01-25 14:16 --------- d-----w c:\programdata\Apple Computer 2009-01-25 14:16 --------- d-----w c:\program files\Common Files\Apple 2009-01-25 08:44 --------- d-----w c:\program files\Common Files\L&H 2009-01-25 08:40 --------- d-----w c:\program files\Microsoft Reader 2009-01-21 03:46 --------- d-----w c:\users\jacques\AppData\Roaming\OnlineStorage 2009-01-21 03:45 --------- d-----w c:\program files\mes données 2009-01-18 17:04 --------- d-----w c:\program files\Google 2009-01-17 19:46 --------- d-----w c:\users\jacques\AppData\Roaming\Cordial 2009-01-17 19:41 --------- d-----w c:\program files\SWF To Video Scout PRO 2009-01-17 19:41 --------- d-----w c:\program files\SWF Printer Pro 2009-01-17 19:41 --------- d-----w c:\program files\MesNews 2009-01-17 19:41 --------- d-----w c:\program files\Eltima Software 2009-01-17 18:03 --------- d-----w c:\users\jacques\AppData\Roaming\Zylom 2009-01-17 18:02 --------- d-----w c:\users\jacques\AppData\Roaming\Skip-Bo 2009-01-17 18:02 --------- d-----w c:\program files\Zylom Games 2009-01-17 17:56 --------- d-----w c:\programdata\Zylom 2009-01-17 07:57 --------- d-----w c:\program files\Java 2009-01-15 07:29 --------- d-----w c:\program files\Universal Extractor 2009-01-14 07:08 --------- d-----w c:\program files\Jerrycan 2009-01-12 20:44 --------- d-----w c:\program files\Messenger Plus! Live 2009-01-12 07:11 --------- d-----w c:\program files\Common Files\SourceTec 2009-01-08 21:10 --------- d-----w c:\program files\Ricochet - Infinity 2009-01-06 19:56 --------- d-----w c:\users\jacques\AppData\Roaming\Photo! 3D Album 2009-01-06 07:33 --------- d-----w c:\program files\AVS4YOU 2009-01-06 04:47 --------- d-----w c:\users\jacques\AppData\Roaming\Jasc 2009-01-06 04:46 --------- d-----w c:\program files\Jasc Software Inc 2009-01-06 04:37 --------- d-----w c:\program files\JanSoft 2009-01-06 04:28 --------- d-----w c:\program files\PhotoFiltre Studio 2009-01-05 22:33 3,751,995 ----a-w c:\windows\System32\GPhotos.scr 2009-01-04 07:55 --------- d-----w c:\users\jacques\AppData\Roaming\Babylon 2006-05-24 14:38 233,472 ----a-w c:\program files\mozilla firefox\plugins\CrazyTalk4Native.dll 2006-05-18 15:00 204,895 ----a-w c:\program files\mozilla firefox\plugins\ctdomemhelper.dll 2005-09-29 12:41 77,824 ----a-w c:\program files\mozilla firefox\plugins\ctframeplayerobject.dll 2006-05-18 14:59 426,081 ----a-w c:\program files\mozilla firefox\plugins\ctplayerobject.dll 2005-02-02 10:19 458,752 ----a-w c:\program files\mozilla firefox\plugins\imagickrt.dll 2006-04-10 16:35 139,264 ----a-w c:\program files\mozilla firefox\plugins\rlcontentclass.dll 2005-11-09 09:10 204,800 ----a-w c:\program files\mozilla firefox\plugins\RLMusicPacker.dll 2005-11-09 09:42 106,496 ----a-w c:\program files\mozilla firefox\plugins\RLMusicUnpacker.dll 2006-01-04 09:22 212,992 ----a-w c:\program files\mozilla firefox\plugins\RLVoicePacker.dll 2006-01-04 09:21 167,936 ----a-w c:\program files\mozilla firefox\plugins\RLVoiceUnpacker.dll 2008-12-16 16:52 61,440 ----a-w c:\program files\mozilla firefox\components\FFComm.dll 2008-04-22 16:44 122,880 ----a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll 2008-04-13 10:38 848 --sha-w c:\windows\System32\KGyGaAvL.sys . ((((((((((((((((((((((((((((( SnapShot@2009-02-28_23.24.52.40 ))))))))))))))))))))))))))))))))))))))))) . - 2009-02-28 18:34:28 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2009-03-01 06:30:29 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-02-28 18:34:28 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2009-03-01 06:30:29 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2009-02-28 18:45:53 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT + 2009-03-01 06:34:57 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT + 2009-03-01 06:34:57 262,144 ---ha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat.LOG1 - 2009-02-28 18:45:48 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2009-03-01 06:34:53 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2009-03-01 06:34:53 262,144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1 - 2009-02-28 18:34:46 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-03-01 06:43:59 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-02-28 18:34:46 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-03-01 06:43:59 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-02-28 18:34:46 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-03-01 06:43:59 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-02-28 16:14:29 11,230 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1320545634-427508009-685320544-1000_UserData.bin + 2009-03-01 06:35:26 11,230 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1320545634-427508009-685320544-1000_UserData.bin - 2009-02-28 16:14:28 69,578 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2009-03-01 06:35:25 69,664 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920] "Integration de Cordial"="c:\program files\CORDIAL\DLL_32\INTEGRATION_CORDIAL.EXE" [2008-10-06 450632] "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936] "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-03-20 213936] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-15 3885408] "VistaStartMenu"="c:\program files\Vista Start Menu\VistaStartMenu.exe" [2008-07-09 1331200] "RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2008-12-25 160592] "Web Video Downloader"="c:\program files\SourceTec\Sothink Web Video Downloader Stand-alone\VideoDownloader.exe" [2008-11-24 3257616] "1&1 EasyLogin"="c:\program files\1&1\1&1 EasyLogin\EasyLogin.exe" [2009-02-13 2200576] "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-02-04 342848] "SEO Soft"="c:\stat(2)\stat.exe" [2009-02-24 581632] "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2008-11-07 95536] "SynapseUpdate"="c:\program files\Synapse Développement\Synapse Update\Synapse Update.exe" [2008-06-17 491520] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-04-22 29744] "WrtMon.exe"="c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe" [2006-09-20 20480] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-12-04 186904] "BDAgent"="c:\program files\BitDefender\BitDefender 2009\bdagent.exe" [2009-01-09 741376] "BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2009\IEShow.exe" [2008-10-17 69632] "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2008-11-07 54576] "Agent BanqueManager"="c:\program files\Banque 3.0 Manager\Bin\Bq30tna.exe" [2009-01-31 3587072] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-03 61440] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 c:\windows\KHALMNPR.Exe] c:\users\jacques\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ MemInfo.lnk.disabled [2008-09-14 1686] MSN Pictures Displayer.lnk - c:\program files\MSN Pictures Displayer\MSN Pictures Displayer.exe [2008-03-15 4571136] Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2008-10-12 3581680] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-02-26 809488] SetPointII.lnk - c:\program files\Logitech\SetPoint II\SetpointII.exe [2008-11-13 323584] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) "EnableLUA"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "SynchronousMachineGroupPolicy"= 0 (0x0) "SynchronousUserGroupPolicy"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoStrCmpLogical"= 1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoRecentDocsNetHood"= 1 (0x1) "NoResolveTrack"= 0 (0x0) "NoSMBalloonTip"= 1 (0x1) "NoWelcomeScreen"= 1 (0x1) "TaskbarNoNotification"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.mjpg"= pvmjpg30.dll "msacm.sl_anet"= c:\progra~1\ACEMEG~1\SystemS\sl_anet.acm "vidc.yv12"= c:\progra~1\ACEMEG~1\SystemS\ATI\atiyuv12.DLL "vidc.divx"= c:\progra~1\ACEMEG~1\SystemS\DivX\DivX520.dll "vidc.iyuv"= c:\progra~1\ACEMEG~1\SystemS\Intel\iyuv_32.dll "vidc.yvu9"= c:\progra~1\ACEMEG~1\SystemS\Intel\Iyvu9_32.dll "vidc.uyvy"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll "vidc.yuy2"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll "vidc.yvyu"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msyuv.dll "msacm.msaudio1"= c:\progra~1\ACEMEG~1\SystemS\MICROS~1\msaud32.acm "msacm.iac2"= c:\progra~1\ACEMEG~1\SystemS\Intel\iac25_32.ax [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BDARemote.lnk] backup=c:\windows\pss\BDARemote.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk] backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^Users^jacques^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MSN Pictures Displayer.lnk] path=c:\users\jacques\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MSN Pictures Displayer.lnk backup=c:\windows\pss\MSN Pictures Displayer.lnk.Startup backupExtension=.Startup [HKLM\~\startupfolder\C:^Users^jacques^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Outil de notification Live Search.lnk] backup=c:\windows\pss\Outil de notification Live Search.lnk.Startup backupExtension=.Startup HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ulcjfne [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\1&1 EasyLogin] --------- 2009-02-13 15:45 2200576 c:\program files\1&1\1&1 EasyLogin\EasyLogin.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service] --a------ 2008-10-29 00:22 165144 c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor] --a------ 2008-10-29 00:29 961432 c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] --a------ 2008-10-15 01:04 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Agent Banque 3.0 Manager] --a------ 2009-01-31 19:04 3587072 c:\program files\Banque 3.0 Manager\Bin\Bq30tna.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Agent BanqueManager] --a------ 2009-01-31 19:04 3587072 c:\program files\Banque 3.0 Manager\Bin\Bq30tna.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD] --a------ 2008-03-28 16:33 1743808 c:\program files\SlySoft\AnyDVD\AnyDVDtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [bU] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray] --a------ 2006-09-28 20:21 57344 c:\program files\SlySoft\CloneCD\CloneCDTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart] --a------ 2008-05-19 20:32 5877760 c:\program files\eMule\emule.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser] --a------ 2007-12-23 00:03 916240 c:\program files\Eraser\Eraser.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Family Tree Builder Update] --a------ 2009-01-14 14:49 113680 c:\myheritage\Bin\FTBCheckUpdates.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanceurEasyBox] --a------ 2007-02-23 20:42 499699 c:\program files\EasyBox\EasyBox.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor] --a------ 2008-11-07 13:50 95536 c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] c:\program files\QuickTime\QTTask.exe [bU] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SEO Soft] --a------ 2009-02-24 08:52 581632 c:\stat(2)\stat.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmsDiscount] --a------ 2008-09-15 17:23 8986936 c:\program files\SmsDiscount.com\SmsDiscount\SmsDiscount.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] -rahs---- 2009-01-26 15:31 2144088 c:\program files\Spybot - Search & Destroy\TeaTimer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC] --a------ 2009-02-03 22:21 61440 c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] --a------ 2008-11-11 11:01 136600 c:\program files\Java\jre6\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynapseUpdate] --a------ 2008-06-17 11:46 491520 c:\program files\Synapse Développement\Synapse Update\Synapse Update.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sync2] --a------ 2008-12-08 17:58 2807304 c:\program files\4Team Corporation\Sync2\Sync2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] --a------ 2008-12-09 11:12 234856 c:\program files\TomTom HOME 2\HOMERunner.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe] --a------ 2008-10-29 00:03 4375312 c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TweakVI] --a------ 2008-08-18 10:21 6034080 c:\program files\TweakVI\TweakVI.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2009] --a------ 2008-08-26 17:48 99624 c:\program files\Uniblue\RegistryBooster\StartRegistryBooster.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant] --a------ 2008-05-02 05:15 15872 c:\program files\Unlocker\UnlockerAssistant.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDRShortCut] --------- 2008-01-04 10:02 222504 c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] --a------ 2008-01-21 03:23 1008184 c:\program files\Windows Defender\MSASCui.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management] --a------ 2007-01-24 11:21 563080 c:\windows\WindowsMobile\wmdc.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] --a------ 2008-01-21 03:25 202240 c:\program files\Windows Media Player\wmpnscfg.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer] --a------ 2008-10-10 14:46 69632 c:\windows\KHALMNPR.Exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpAgent] OpAgent.exe [bU] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "<NO NAME>"= "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" "WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" "Windows Mobile Device Center"=%windir%\WindowsMobile\wmdc.exe "Windows Mobile-based device management"=%windir%\WindowsMobile\wmdc.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1320545634-427508009-685320544-1000] "EnableNotificationsRef"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{9C7868E3-3CD7-4B6F-9E8C-7F2B35D70C7E}"= UDP:990:LocalSubnet:LocalSubnet|IF={23F078B8-8EFF-4967-8CA6-F11BBC724676}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdc.exe,-4001 "{A0179BE3-2943-4253-9B0E-33BAA993B7BE}"= UDP:26675:LocalSubnet:LocalSubnet|IF={23F078B8-8EFF-4967-8CA6-F11BBC724676}:@%systemroot%\WindowsMobile\wmdc.exe,-4006 "{D80A629B-E0A0-4784-9338-9C01B6E3A711}"= UDP:999:LocalSubnet:LocalSubnet|IF={23F078B8-8EFF-4967-8CA6-F11BBC724676}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005 "{9587C78C-B3D3-49DE-B0C8-B788E1923AB5}"= UDP:5678:LocalSubnet:LocalSubnet|IF={23F078B8-8EFF-4967-8CA6-F11BBC724676}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004 "{7E5556C4-508B-4054-81A0-59AD8CBA3468}"= UDP:1034:LocalSubnet:LocalSubnet|IF={23F078B8-8EFF-4967-8CA6-F11BBC724676}:@%systemroot%\WindowsMobile\wmdc.exe,-4003 "{984ABB2D-8979-425C-9B16-406F630802D1}"= UDP:5721:LocalSubnet:LocalSubnet|IF={23F078B8-8EFF-4967-8CA6-F11BBC724676}:@%systemroot%\WindowsMobile\wmdc.exe,-4002 "{F4F0F587-6A8F-4515-8EAA-06E4398C0D66}"= UDP:26675:LocalSubnet:LocalSubnet|IF={41D93B04-5CB3-4886-AB27-4C19E0B52483}:@%systemroot%\WindowsMobile\wmdc.exe,-4006 "{1ED71D26-17BF-4548-B67C-DF88CB9639BD}"= UDP:999:LocalSubnet:LocalSubnet|IF={41D93B04-5CB3-4886-AB27-4C19E0B52483}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005 "{B67F03B0-71AB-429F-9024-F7FD44B15CDD}"= UDP:5678:LocalSubnet:LocalSubnet|IF={41D93B04-5CB3-4886-AB27-4C19E0B52483}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004 "{A85DFA2A-4097-4765-B0B9-E5FD24C877F7}"= UDP:1034:LocalSubnet:LocalSubnet|IF={41D93B04-5CB3-4886-AB27-4C19E0B52483}:@%systemroot%\WindowsMobile\wmdc.exe,-4003 "{8F500B56-6732-48E2-B80F-BECDDF175AFA}"= UDP:26675:LocalSubnet:LocalSubnet|IF={8D9AC832-E965-4DB8-A32A-43FB54289002}:@%systemroot%\WindowsMobile\wmdc.exe,-4006 "{C2DDEF97-7432-4BF0-9E4F-DBC9AE808FD2}"= UDP:999:LocalSubnet:LocalSubnet|IF={8D9AC832-E965-4DB8-A32A-43FB54289002}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005 "{9E7B07FA-D661-41A4-91A8-82B3B04308D3}"= UDP:5678:LocalSubnet:LocalSubnet|IF={8D9AC832-E965-4DB8-A32A-43FB54289002}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004 "{3A90038F-6B23-4D8E-B709-B3CBBB870AD0}"= UDP:1034:LocalSubnet:LocalSubnet|IF={8D9AC832-E965-4DB8-A32A-43FB54289002}:@%systemroot%\WindowsMobile\wmdc.exe,-4003 "{9EFD718D-E940-4769-886B-98A88A9EF897}"= UDP:26675:LocalSubnet:LocalSubnet|IF={8D9AC832-E965-4DB8-A32A-43FB54289002}:@%systemroot%\WindowsMobile\wmdc.exe,-4006 "{F3959967-FF18-4DD3-A1A6-CD2F7B95FD1D}"= UDP:999:LocalSubnet:LocalSubnet|IF={8D9AC832-E965-4DB8-A32A-43FB54289002}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005 "{EE157CEE-DE82-4200-8580-D7BCA96BB39A}"= UDP:5678:LocalSubnet:LocalSubnet|IF={8D9AC832-E965-4DB8-A32A-43FB54289002}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004 "{48B5C621-D083-41F2-BD5D-ED051D4C96DE}"= UDP:26675:LocalSubnet:LocalSubnet|IF={D15822B0-CEF0-4CCC-A985-DA3F22F5CD96}:@%systemroot%\WindowsMobile\wmdc.exe,-4006 "{7A56BDF3-2AC4-4561-99F5-005AFBC9EBA9}"= UDP:999:LocalSubnet:LocalSubnet|IF={D15822B0-CEF0-4CCC-A985-DA3F22F5CD96}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005 "{81564126-A615-40AC-A344-8974012ED03B}"= UDP:5678:LocalSubnet:LocalSubnet|IF={D15822B0-CEF0-4CCC-A985-DA3F22F5CD96}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004 "UDP Query User{5F3F678A-B976-4EBE-AFDE-E32FBD168DBE}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule "TCP Query User{0569C56C-C5DF-4844-A817-EEE08488D7E8}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule "{BC9E97A2-A4B2-42F1-A7BA-FA467CABF718}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "{A22C8D67-8239-4262-9F2C-B20991DBC31F}"= UDP:5721:LocalSubnet:LocalSubnet|IF={B2DCB384-BB03-4215-9A34-9F7393CC616C}:@%systemroot%\WindowsMobile\wmdc.exe,-4002 "{07A531C6-3FE1-4FFD-9F2F-A1292D02E73A}"= UDP:1034:LocalSubnet:LocalSubnet|IF={B2DCB384-BB03-4215-9A34-9F7393CC616C}:@%systemroot%\WindowsMobile\wmdc.exe,-4003 "{94E880DE-9DD7-4209-B654-47E1318741F6}"= UDP:5678:LocalSubnet:LocalSubnet|IF={B2DCB384-BB03-4215-9A34-9F7393CC616C}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004 "{94BA8307-FB18-494B-823E-52998D5766BA}"= UDP:999:LocalSubnet:LocalSubnet|IF={B2DCB384-BB03-4215-9A34-9F7393CC616C}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005 "{512C041F-1091-4B0D-A39D-433AFE79F3D4}"= UDP:26675:LocalSubnet:LocalSubnet|IF={B2DCB384-BB03-4215-9A34-9F7393CC616C}:@%systemroot%\WindowsMobile\wmdc.exe,-4006 "{A1B7E0B9-E90B-4E36-BA6D-E7BE2C38ED83}"= UDP:990:LocalSubnet:LocalSubnet|IF={B2DCB384-BB03-4215-9A34-9F7393CC616C}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdc.exe,-4001 "{CF53B334-A48E-4C90-A2E3-64657E53CF7B}"= c:\program files\CyberLink\PowerDirector\PDR.EXE:CyberLink PowerDirector "{51AE049E-BC01-4E57-9A52-32AB59CECF03}"= UDP:5721:LocalSubnet:LocalSubnet|IF={A34882EA-709D-4B47-8E28-08294710C51B}:@%systemroot%\WindowsMobile\wmdc.exe,-4002 "{BD184F56-62FD-4484-AC8E-1CB65108BC0F}"= UDP:1034:LocalSubnet:LocalSubnet|IF={A34882EA-709D-4B47-8E28-08294710C51B}:@%systemroot%\WindowsMobile\wmdc.exe,-4003 "{891522A3-FAC9-4963-886E-4A5A30192C9E}"= UDP:5678:LocalSubnet:LocalSubnet|IF={A34882EA-709D-4B47-8E28-08294710C51B}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004 "{B8380BC8-A847-438F-8BE2-2BCD7791D2DA}"= UDP:999:LocalSubnet:LocalSubnet|IF={A34882EA-709D-4B47-8E28-08294710C51B}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005 "{CF9ED899-2E05-4B14-8B32-B55929F7687A}"= UDP:26675:LocalSubnet:LocalSubnet|IF={A34882EA-709D-4B47-8E28-08294710C51B}:@%systemroot%\WindowsMobile\wmdc.exe,-4006 "{3224753E-60F3-4E44-83B8-769254658B50}"= UDP:990:LocalSubnet:LocalSubnet|IF={A34882EA-709D-4B47-8E28-08294710C51B}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdc.exe,-4001 "{D16E92C6-BBBE-40B6-99EA-89FEFD31871D}"= UDP:5721:LocalSubnet:LocalSubnet|IF={0AD3EBA3-34D3-4A3B-B553-540EEA71CD85}:@%systemroot%\WindowsMobile\wmdc.exe,-4002 "{AF860F04-DC96-440D-B22B-78B6A6D1B775}"= UDP:1034:LocalSubnet:LocalSubnet|IF={0AD3EBA3-34D3-4A3B-B553-540EEA71CD85}:@%systemroot%\WindowsMobile\wmdc.exe,-4003 "{978452AB-BAAD-405D-8EE3-3F8BC43050E6}"= UDP:5678:LocalSubnet:LocalSubnet|IF={0AD3EBA3-34D3-4A3B-B553-540EEA71CD85}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004 "{5E081708-A843-42EC-BBD3-A074C92A4B61}"= UDP:999:LocalSubnet:LocalSubnet|IF={0AD3EBA3-34D3-4A3B-B553-540EEA71CD85}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005 "{116DAC2E-86F4-45CD-B572-0FD127DE244C}"= UDP:26675:LocalSubnet:LocalSubnet|IF={0AD3EBA3-34D3-4A3B-B553-540EEA71CD85}:@%systemroot%\WindowsMobile\wmdc.exe,-4006 "{56AB9842-16F7-4356-B8DF-E33381CE6270}"= UDP:990:LocalSubnet:LocalSubnet|IF={0AD3EBA3-34D3-4A3B-B553-540EEA71CD85}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdc.exe,-4001 "{36D86D0A-14C6-42BA-8F04-5B26028C6BDB}"= UDP:c:\program files\SmsDiscount.com\SmsDiscount\SmsDiscount.exe:SmsDiscount "{96AA97F0-78D4-4BD3-830B-2A537D6B6F50}"= TCP:c:\program files\SmsDiscount.com\SmsDiscount\SmsDiscount.exe:SmsDiscount "{B8AC6D0A-1960-4DF5-9019-F968E6F3477E}"= UDP:c:\program files\SmsDiscount.com\SmsDiscount\SmsDiscount.exe:SmsDiscount "{65B322A1-3CC1-402A-BC9A-84981E543D0B}"= TCP:c:\program files\SmsDiscount.com\SmsDiscount\SmsDiscount.exe:SmsDiscount "{EE3B27B1-015E-4987-AFA9-2B33C6C3AB42}"= UDP:5900:vnc5900 "{450793F4-53B2-4BCB-AF18-87730A51CD63}"= UDP:5800:vnc5800 "{20D0B7FC-D699-4645-8A95-ED6CE3BBF332}"= UDP:c:\program files\UltraVNC\vncviewer.exe:vncviewer.exe "{AA239E3B-21A1-469F-9B33-1775C4900D07}"= TCP:c:\program files\UltraVNC\vncviewer.exe:vncviewer.exe "{B65154AD-0545-4F5E-BF24-6E9DB356D25E}"= UDP:c:\program files\Pinnacle\Studio 12\Programs\RM.exe:Render Manager "{45290354-54E2-41E0-B839-8FCF9E90B368}"= TCP:c:\program files\Pinnacle\Studio 12\Programs\RM.exe:Render Manager "{E775275F-E2F5-493C-972B-1AF08FAD1437}"= UDP:c:\program files\Pinnacle\Studio 12\Programs\Studio.exe:Studio "{965BA949-C426-4CF5-8A76-9C6022885668}"= TCP:c:\program files\Pinnacle\Studio 12\Programs\Studio.exe:Studio "{B2C4F9BF-3750-42F9-B48F-12FF667DF848}"= UDP:c:\program files\Pinnacle\Studio 12\Programs\umi.exe:umi "{88C88D86-62D0-42D4-8ADB-266914D10157}"= TCP:c:\program files\Pinnacle\Studio 12\Programs\umi.exe:umi "{80F7876E-4BAC-4BF1-802D-394E2FAC4F81}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp "{5046F2D2-5DD4-4226-BF7C-59A09B94533E}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp "{78A386AA-FC73-4EDC-9569-8804B911D31B}"= UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice "{4C3FCDCF-8051-4D70-ADDC-1B70F3BA6F68}"= TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice "{C5C562B3-DB6D-4E56-B148-2A62D873020D}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{AC49E56B-E05A-4251-8AED-AB154CACC17C}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{A612685A-87AC-4D50-BA59-134D10608439}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In) "{357020E3-3FBB-4AB4-8F7E-A86E1F3E314A}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In) "TCP Query User{16225431-C1FF-4DD0-8DA7-5BBB4227F3D7}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMuleMorphXT "UDP Query User{9A273C64-1EB2-4209-8D4D-92AD9DC4642C}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMuleMorphXT "{F4766DAA-37B1-4DBA-9210-748C59A84644}"= UDP:c:\program files\BitTorrent\BitTorrent.exe:BitTorrent (TCP-In) "{951915D1-1D92-462F-832B-6FA6E1B3703A}"= TCP:c:\program files\BitTorrent\BitTorrent.exe:BitTorrent (UDP-In) "{E6CEEEAF-3C3C-48C3-97BF-2D3785DC36DB}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync "{D49BD31F-382E-4AA5-AED9-0A6E44E8CBD8}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List] "c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent R0 pe3aqb2b;Lettriq Environment Driver (pe3aqb2b);c:\windows\System32\drivers\pe3aqb2b.sys [2008-06-06 68720] R0 pf2aqb2b;Lettriq File System Driver (pf2aqb2b);c:\windows\System32\drivers\pf2aqb2b.sys [2008-06-06 83568] R0 snapman380;Acronis Snapshots Manager (Build 380);c:\windows\System32\drivers\snman380.sys [2008-11-07 134272] R0 tdrpman147;Acronis Try&Decide and Restore Points filter (build 147);c:\windows\System32\drivers\tdrpm147.sys [2008-11-07 971232] R1 Odptdi;Odptdi;c:\windows\System32\drivers\odptdi.sys [2008-09-21 46744] R2 BDVEDISK;BDVEDISK;c:\program files\BitDefender\BitDefender 2009\BDVEDISK.sys [2008-10-06 82696] R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656] R2 XobniService;XobniService;c:\program files\Xobni\XobniService.exe [2008-07-23 36352] R3 bdfm;BDFM;c:\windows\System32\drivers\bdfm.sys [2008-09-18 111112] R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\System32\drivers\bdfndisf.sys [2008-10-17 104328] S2 uvnc_service;uvnc_service;"c:\program files\UltraVNC\WinVNC.exe" -service --> c:\program files\UltraVNC\WinVNC.exe [?] S3 Arrakis3;BitDefender Arrakis Server;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784] S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2008-03-16 29744] S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2009-01-24 216232] S4 pr2aqb2b;Lettriq Drivers Auto Removal (pr2aqb2b);c:\windows\system32\pr2aqb2b.exe svc --> c:\windows\system32\pr2aqb2b.exe svc [?] S4 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2009\RpcAgentSrv.exe [2008-10-15 98488] S4 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2008-03-17 1153368] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc bdx REG_MULTI_SZ scan bthsvcs REG_MULTI_SZ BthServ WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e77fbd4-1148-11dd-82d0-0019d1387982}] \shell\AutoRun\command - H:\InstallTomTomHOME.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{558fb7f8-f3f4-11dc-967a-0019d1387982}] \shell\AutoRun\command - F:\start.exe \shell\FramaKey\command - F:\start.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56e1763e-03ae-11dd-9bc3-0019d1387982}] \shell\AutoRun\command - E:\PortableRoboForm.exe \shell\RoboForm2Go\command - E:\PortableRoboForm.exe . Contenu du dossier 'Tâches planifiées' 2009-03-01 c:\windows\Tasks\User_Feed_Synchronization-{1E742D1F-C241-4604-92B9-3F1165097C90}.job - c:\windows\system32\msfeedssync.exe [2008-01-21 03:25] . - - - - ORPHELINS SUPPRIMES - - - - WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file) . ------- Examen supplémentaire ------- . uStart Page = about:blank uInternet Settings,ProxyOverride = *.local IE: &Point&&Go - c:\program files\Common Files\Expert System\PGPlatform\PGPlatform.htm IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Barre RoboForm IE: Consulter les dictionnaires (SYSTRAN) IE: E&xporter vers Microsoft Excel IE: Enregistrer le formulaire IE: Personnaliser le menu IE: Remplir le formulaire IE: Sothink SWF Catcher IE: Traduire (SYSTRAN) IE: {{FBF9D685-BF2D-4337-9865-A4F86CC8A8CA} - c:\program files\SWF To Video Scout PRO\flashextract.exe Trusted Zone: secuser.com\www TCP: {C0A72E0C-7647-4816-BAC9-1DAEBFB2FD5F} = 212.27.40.241,212.27.40.240 FF - ProfilePath - c:\users\jacques\AppData\Roaming\Mozilla\Firefox\Profiles\bbvnnig1.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1434207&SearchSource=3&q= FF - prefs.js: browser.startup.homepage - chrome://fastdial/content/fastdial.html FF - component: c:\program files\Mozilla Firefox\components\FFComm.dll FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll FF - component: c:\users\jacques\AppData\Roaming\Mozilla\Firefox\Profiles\bbvnnig1.default\extensions\{a6e4a4eb-d169-4e99-8988-250fcbafe767}\components\FFAlert.dll FF - component: c:\users\jacques\AppData\Roaming\Mozilla\Firefox\Profiles\bbvnnig1.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-03-01 07:53:47 Windows 6.0.6001 Service Pack 1 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-1320545634-427508009-685320544-1000_Classes\Software\CLASSES\CLSID\{15A8C73A-AC8B-AB90-FA5B-22A50E7BCCD4}*\InprocServer32] "{15A8C73A-AC8B-AB90-FA5B-22A50E7BCCD4}"=hex:29,57,45,94,9e,c9,81,2a,84,d2,e2, 15,f3,7e,da,d8,ea,7d,02,0a,61,58,9a,6f,29,57,45,94,9e,c9,81,2a,29,57,45,94,\ [HKEY_USERS\S-1-5-21-1320545634-427508009-685320544-1000_Classes\Software\CLASSES\CLSID\{47AB14AF-EC26-A6A0-A0C8-EA858301596D}*\InprocServer32] "{47AB14AF-EC26-A6A0-A0C8-EA858301596D}"=hex:3d,9d,7a,33,aa,28,ba,6d,94,df,b2, 56,81,37,3f,31,50,fc,8a,be,ce,d8,ea,b8,3d,9d,7a,33,aa,28,ba,6d,3d,9d,7a,33,\ [HKEY_USERS\S-1-5-21-1320545634-427508009-685320544-1000_Classes\Software\CLASSES\CLSID\{521DDAEA-357E-348D-529F-69C86B079B88}*\InprocServer32] "{521DDAEA-357E-348D-529F-69C86B079B88}"=hex:ff,7a,aa,c2,31,a5,04,49,00,1c,0d, 03,ca,ea,af,52,b1,a7,d8,e1,33,7e,46,3e,ff,7a,aa,c2,31,a5,04,49,ff,7a,aa,c2,\ [HKEY_USERS\S-1-5-21-1320545634-427508009-685320544-1000_Classes\Software\CLASSES\CLSID\{6350E045-29B0-F0FE-EBCA-E045A6A7B899}*\InprocServer32] "{6350E045-29B0-F0FE-EBCA-E045A6A7B899}"=hex:2d,f8,7e,32,4d,1c,7c,ed,5a,91,b4, c1,3f,26,c7,c5,af,43,13,78,6a,12,18,ae,2d,f8,7e,32,4d,1c,7c,ed,2d,f8,7e,32,\ [HKEY_USERS\S-1-5-21-1320545634-427508009-685320544-1000_Classes\Software\CLASSES\CLSID\{646939D8-B81B-3B2C-D44B-2DBE28BA332C}*\InprocServer32] "{646939D8-B81B-3B2C-D44B-2DBE28BA332C}"=hex:14,6a,41,14,ce,e9,2d,20,50,f9,f2, 21,b7,31,d4,df,42,4c,4e,8d,45,fa,b6,f4,14,6a,41,14,ce,e9,2d,20,14,6a,41,14,\ [HKEY_USERS\S-1-5-21-1320545634-427508009-685320544-1000_Classes\Software\CLASSES\CLSID\{7D372500-BE9C-A90E-A9DC-9F5CD5F5E5D3}*\InprocServer32] "{7D372500-BE9C-A90E-A9DC-9F5CD5F5E5D3}"=hex:24,9f,4f,39,04,65,56,d9,d3,69,73, 4a,ec,12,9f,59,bd,5b,5d,a7,62,a0,e8,87,24,9f,4f,39,04,65,56,d9,24,9f,4f,39,\ [HKEY_USERS\S-1-5-21-1320545634-427508009-685320544-1000_Classes\Software\CLASSES\CLSID\{AF7FA460-04D3-E351-6437-62AB14805DAA}*\InprocServer32] "{AF7FA460-04D3-E351-6437-62AB14805DAA}"=hex:ea,93,b6,11,8a,4a,ed,ef,b7,24,6d, b5,cd,77,ce,6a,96,b1,75,e3,b4,6e,1a,37,ea,93,b6,11,8a,4a,ed,ef,ea,93,b6,11,\ [HKEY_USERS\S-1-5-21-1320545634-427508009-685320544-1000_Classes\Software\CLASSES\CLSID\{C6EFFA37-DE45-CE36-AF2E-00D9541B4AA8}*\InprocServer32] "{C6EFFA37-DE45-CE36-AF2E-00D9541B4AA8}"=hex:56,a0,78,b6,7d,ee,27,a8,7f,59,48, 65,26,0d,c3,f1,e0,6d,c5,30,c7,35,c2,de,56,a0,78,b6,7d,ee,27,a8,56,a0,78,b6,\ [HKEY_USERS\S-1-5-21-1320545634-427508009-685320544-1000_Classes\Software\CLASSES\CLSID\{DDB7BF1A-39F1-3D9A-CE48-315AFA240514}*\InprocServer32] "{DDB7BF1A-39F1-3D9A-CE48-315AFA240514}"=hex:bf,a7,07,c1,12,e0,8b,04,4c,86,f1, a2,c2,5e,5d,4a,b5,85,de,4a,f6,08,58,8e,bf,a7,07,c1,12,e0,8b,04,bf,a7,07,c1,\ [HKEY_USERS\S-1-5-21-1320545634-427508009-685320544-1000_Classes\Software\CLASSES\CLSID\{F8655D1C-88FE-9861-F9E2-BFD4158045C0}*\InprocServer32] "{F8655D1C-88FE-9861-F9E2-BFD4158045C0}"=hex:ce,73,72,e9,4b,1e,88,68,dc,b6,1b, ba,92,aa,6a,75,68,fb,88,73,92,a1,c5,99,ce,73,72,e9,4b,1e,88,68,ce,73,72,e9,\ . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'Explorer.exe'(4920) c:\program files\Logitech\SetPoint\lgscroll.dll c:\users\jacques\AppData\Local\Temp\catchme.dll . Heure de fin: 2009-03-01 8:00:16 ComboFix-quarantined-files.txt 2009-03-01 06:58:56 Avant-CF: 73,582,485,504 octets libres Après-CF: 73,537,421,312 octets libres 627 --- E O F --- 2009-02-28 05:55:03
- le 1 mars 2009
- 15 réponses
pc lent

jg92 a répondu à un(e) sujet de jg92 dans Analyses et éradication malwares

Bonjour voici les deux logs. info.txt logfile of random's system information tool 1.05 2009-02-28 17:37:01 ======Uninstall list====== -->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER -->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095} -->MsiExec.exe /X{364EC092-93CF-4DDC-9D7A-7278452028E0} -->MsiExec.exe /X{E18B6DCE-AE5A-4E16-AFFA-EB8F3E09FBD6} 1&1 Connexion directe-->C:\Program Files\1&1\1&1 EasyLogin\Uninstall.exe 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419} 3Planesoft Screensaver Manager 1.2-->"C:\Program Files\3Planesoft Screensaver Manager\unins000.exe" 4Team Sync2-->MsiExec.exe /X{405A02AA-8AE7-4BEF-A7A6-E03EFB6E1431} Abrosoft FantaMorph 4.1-->"C:\Program Files\Abrosoft\FantaMorph4\unins000.exe" Acronis True Image Home-->MsiExec.exe /X{37C8899D-FD70-481F-94AA-1F1B08765E22} Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF} Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E} Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95} Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61} Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394} Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23} Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C} Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C} Adobe Color Common Settings-->C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF} Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8} Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029} Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5} Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D} Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD} Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8} Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{786547F9-59BB-4FA3-B2D8-327FF1F14870} Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B} Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245} Adobe Illustrator CS3-->C:\Program Files\Common Files\Adobe\Installers\a04a925a57548091300ada368235fc6\Setup.exe Adobe Illustrator CS3-->MsiExec.exe /I{F08E8D2E-F132-4742-9C87-D5FF223A016A} Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078} Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C} Adobe Premiere Pro CS3 Functional Content-->MsiExec.exe /I{50F102CA-4BE2-41A9-9810-5BB05EB91B9A} Adobe Premiere Pro CS3-->C:\Program Files\Common Files\Adobe\Installers\32fdd767b4383606e8168e834af5d90\Setup.exe Adobe Premiere Pro CS3-->MsiExec.exe /I{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA} Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003} Adobe Setup-->MsiExec.exe /I{4F3E17F8-F1C8-4A4B-9EB8-1EE2D190CDA9} Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1} Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D} Adobe Setup-->MsiExec.exe /I{BB81360F-041C-4CF7-B15E-71380D154244} Adobe Shockwave Player-->C:\Windows\System32\Adobe\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Adobe\SHOCKW~1\Install.log Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312} Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5} Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6} Adobe XMP DVA Panels CS3-->MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F} Adobe XMP Panels CS3-->MsiExec.exe /I{D5A31AB1-345D-47C7-A87B-036A669F6DF1} AI RoboForm (All Users)-->"C:\Program Files\Siber Systems\AI RoboForm\rfwipeout.exe" AlauxSoft Comptes et Budget V5.0-->"C:\Program Files\Comptes et Budget V5.0\unins000.exe" Alien Sky-->C:\PROGRA~1\GAMEHO~1\AlienSky\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\AlienSky\INSTALL.LOG Ancient Castle 3D Screensaver 1.1-->"C:\Program Files\Ancient Castle 3D Screensaver\unins000.exe" Animation from Movie-->MsiExec.exe /I{D4438CB0-8C7F-40B2-A1CF-3D802FBAECB2} AnmanieSMP 2.4 i-->"C:\Program Files\AnmSMP\unins000.exe" Anti Doublons FACILE 7.2.3.3-->"C:\Adp\unins000.exe" AnyDVD-->"C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD" Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x40c Artisteer 2 (Beta)-->"C:\Program Files\Artisteer 2 (Beta)\bin\Uninstall.exe" Ashampoo Burning Studio 8.04-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio 8\unins000.exe" Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} Assistant Impression de calendriers pour Microsoft Office Outlook 2007-->MsiExec.exe /X{90120000-00A7-040C-0000-0000000FF1CE} ATI AVIVO Codecs-->MsiExec.exe /I{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3} Atlantis Sky Patrol™-->"C:\Program Files\Atlantis Sky Patrol\Uninstall.exe" Aventail OnDemand Proxy Agent-->MsiExec.exe /X{1CC340A6-E2E8-4986-B4F6-300055258684} Aventail Web Proxy Agent-->MsiExec.exe /X{9B0B46B3-10DF-4ADA-9501-0129D784563D} Aventail Webifiers-->MsiExec.exe /X{54D44AD1-A083-48B9-BD6F-AFD517B7C775} AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe" AVS Audio Converter version 5.1-->"C:\Program Files\AVS4YOU\AVSAudioConverter\unins000.exe" AVS Capture Wizard 1.5.1-->"C:\Program Files\AVS4YOU\AVSCaptureWizard\unins000.exe" AVS Clone CD version 3.8-->"C:\Program Files\AVS4YOU\AVSCloneCD\unins000.exe" AVS Disc Creator version 3.4-->"C:\Program Files\AVS4YOU\AVSDiscCreator\unins000.exe" AVS DV to DVD 1.2-->"C:\Program Files\AVS4YOU\AVSDVtoDVD\unins000.exe" AVS DVD Authoring-->"C:\Program Files\AVS4YOU\AVSDVDAuthoring\unins000.exe" AVS DVD Copy version 1.4-->"C:\Program Files\AVS4YOU\AVSDVDCopy\unins000.exe" AVS DVD Player version 2.4-->"C:\Program Files\AVS4YOU\AVSDVDPlayer\unins000.exe" AVS DVDMenu Editor 1.2.1.19-->"C:\Program Files\Common Files\AVSMedia\AVS DVDMenu Editor\unins000.exe" AVS Ringtone Maker version 1.6-->"C:\Program Files\AVS4YOU\AVSRingtoneMaker\unins000.exe" AVS TV Box 1.5.1-->"C:\Program Files\AVS4YOU\AVSTVBox\unins000.exe" AVS Video Capture 2.3.0.1-->"C:\Program Files\AVS4YOU\AVSVideoCapture\unins000.exe" AVS Video Converter 6-->"C:\Program Files\AVS4YOU\AVSVideoConverter6\unins000.exe" AVS Video Editor 3.5-->"C:\Program Files\AVS4YOU\AVSVideoEditor\unins000.exe" AVS Video Editor 4-->"C:\Program Files\AVS4YOU\AVSVideoEditor4\unins000.exe" AVS Video to Flash-->"C:\Program Files\AVS4YOU\AVSVideotoFlash\unins000.exe" AVS Video to GO-->"C:\Program Files\AVS4YOU\AVSVideotoGO\unins000.exe" AVS4YOU Software Navigator 1.3-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe" Azada : Ancient Magic-->"C:\Program Files\Azada - Ancient Magic\Uninstall.exe" Azada-->"C:\Program Files\Azada\Uninstall.exe" Azada-->"C:\Program Files\orange\jeux\Azada\Uninstall.exe" "C:\Program Files\orange\jeux\Azada\install.log" BanqueManager 2009 (version 3.0.9.52 finale)-->"C:\Program Files\Banque 3.0 Manager\unins000.exe" Belarc Advisor 7.2-->C:\PROGRA~1\Belarc\Advisor\UNINST~1.EXE C:\PROGRA~1\Belarc\Advisor\INSTALL.LOG Big Fish Games Client-->C:\Program Files\bfgclient\Uninstall.exe Bliss Island-->"C:\Program Files\Bliss Island\Uninstall.exe" Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B} Boris Graffiti-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{262BF2CD-601D-4F43-919C-4B00B1D1F338}\setup.exe" -l0x40c -removeonly BR-->MsiExec.exe /I{C57CD366-C6BE-45B5-B5C6-0424E506F1D0} Brickquest-->"C:\Program Files\Brickquest\Uninstall.exe" BVS Solitaire Collection-->"C:\Program Files\BVS Solitaire Collection\Uninstall.exe" calibre-->C:\Program Files\calibre\uninstall.exe CamStudio-->C:\Program Files\CamStudio\uninstall.exe Canon CanoScan Toolbox 5.0-->"C:\Program Files\Canon\CanoScan Toolbox Ver5.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\CanoScan Toolbox Ver5.0\uninst.ini CanoScan LiDE 600F-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802 /L0x000c Caricatool 2.00-->"C:\Program Files\Caricatool\unins000.exe" Cartes Animées 2-->MsiExec.exe /X{F2944E6F-DF6E-4D97-819F-79118EFC6A02} Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C} CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A} Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} CloneCD-->"C:\Program Files\SlySoft\CloneCD\ccd-uninst.exe" /D="C:\Program Files\SlySoft\CloneCD" CloneDVD2-->"C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2" Cobian Backup 8-->C:\Program Files\Cobian Backup 8\cbUninstall.exe Complément Microsoft Enregistrer en tant que PDF pour programmes Microsoft Office 2007-->MsiExec.exe /X{90120000-00B0-040C-0000-0000000FF1CE} Comptes Bancaires Faciles 2009 [8.2.0.0]-->"C:\Gst\unins000.exe" Converio-->"C:\Program Files\Converio 2.0\unins000.exe" Cordial 2009 Pro, correcteur et analyseur de la langue française-->C:\Program Files\Cordial\Desinsta.exe CordialExcel2007Installation-->MsiExec.exe /I{7AF5F496-8F81-45DD-8616-77F56D283D55} CordialOutlook2007Installation-->MsiExec.exe /I{2FDB6C5D-58CB-495C-97CB-252DE2703260} CordialWord2007Installation-->MsiExec.exe /I{2669246B-7FB2-4480-A3BA-1CB20E5AD07C} CorelDRAW Design Collection - 3-->MsiExec.exe /X{0A5E9BD7-2885-4B06-8CFD-2EC6BCE8110E} CorelDRAW Graphics Suite X3-->MsiExec.exe /I{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91} CrazyTalk Media Studio v4.5 Retail-->MsiExec.exe /X{0FA441DC-11F2-49BF-B9C0-0CB36DF9A9EF} Crypteur d'e-mails-->"C:\Program Files\cemail\unins000.exe" CTBirthday (remove only)-->"C:\Program Files\Connective Tools\CTBirthday\uninst.exe" CyberLink PhotoNow-->"C:\Program Files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" /z-uninstall CyberLink PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall Decoder 4.0-->"C:\Program Files\Etresoft Decoder 4.0\unins000.exe" Dell Resource CD-->MsiExec.exe /X{2764CA82-DFB9-4498-AF85-719340BF5305} DHTML Editing Component-->MsiExec.exe /I{2EA870FA-585F-4187-903D-CB9FFD21E2E0} Diaporama Créateur Photo HD-->MsiExec.exe /X{C1FD1685-D578-4F60-8AAF-AA02C9BB8690} DivX Author 1.5-->C:\Program Files\DivX\DivX Author 1.5\DivXAuthorUninstall.exe /DIVX_AUTHOR DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN DocRepair-->C:\PROGRA~1\Jufsoft\DOCREP~1\UNWISE.EXE C:\PROGRA~1\Jufsoft\DOCREP~1\INSTALL.LOG Documalis Free Scanner 1.0-->"C:\Windows\Documalis Free Scanner 1.0\uninstall.exe" "/U:C:\Program Files\Documalis Free\FreeScanner\Uninstall\uninstall.xml" DragonStone-->"C:\Program Files\DragonStone\Uninstall.exe" Dream Chronicles 2 The Eternal Maze-->C:\PROGRA~1\GAMEHO~1\DREAMC~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\DREAMC~1\INSTALL.LOG Dream Chronicles 2-->C:\PROGRA~1\PLAYFI~1\DREAMC~1\UNWISE.EXE C:\PROGRA~1\PLAYFI~1\DREAMC~1\INSTALL.LOG Driver Genius Professional Edition-->"C:\Program Files\Driver-Soft\DriverGenius\unins000.exe" Driver Updater Pro-->"C:\ProgramData\{C2278D61-978F-4EB3-A8F3-E90811A93014}\DriverUpdaterPro.exe" REMOVE=TRUE MODIFY=FALSE Driver Updater Pro-->C:\ProgramData\{C2278D61-978F-4EB3-A8F3-E90811A93014}\DriverUpdaterPro.exe EasyBCD 1.7.2-->C:\Program Files\NeoSmart Technologies\EasyBCD\uninstall.exe EasyPHP 2.0b1-->"C:\Program Files\EasyPHP 2.0b1\unins000.exe" eMule-->"C:\Program Files\eMule\Uninstall.exe" eMulev0.49a.-MorphXTv11.0-->"C:\Program Files\eMule\unins000.exe" ENJOY Plus!-->"C:\Program Files\ENJOY Plus!\UnInstall.exe" Eraser-->"C:\ProgramData\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646}\EraserSetup32.exe" REMOVE=TRUE MODIFY=FALSE Expert System Point&Go Platform-->"C:\Program Files\Common Files\Expert System\PGPlatform\unins000.exe" FaceMorpher 2.5-->C:\Program Files\FaceMorpher\uninst.exe FaceMorpher Lite 2.1-->C:\Program Files\FaceMorpher Lite\uninst.exe Fairway Solitaire-->"C:\Program Files\Fairway Solitaire\Uninstall.exe" Fairy Treasure-->"C:\Program Files\Fairy Treasure\Uninstall.exe" FileZilla Client 3.2.1-->C:\Program Files\FileZilla Client\uninstall.exe Fireplace 3D Screensaver 1.0-->"C:\Program Files\Fireplace 3D Screensaver\unins000.exe" Fishdom-->"C:\Program Files\Fishdom\ReflexiveArcade\unins000.exe" Fishdom-->"C:\Program Files\Fishdom\Uninstall.exe" Flash Decompile Master 5.0.1.1789-->"C:\Program Files\Flash Decompile Master\unins000.exe" FLiP - Speller & Grammar-->MsiExec.exe /I{8D71906B-2FF7-4A05-A5B9-6961BABBF583} Flip Words-->"C:\Program Files\Flip Words\Uninstall.exe" FontNav-->MsiExec.exe /I{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE} FotoMorph-->MsiExec.exe /I{B058CD29-0619-44F6-9683-DE5728412C17} FpTest 3.2-->C:\Program Files\FpTest\uninst.exe FR-->MsiExec.exe /I{ECE923A3-A411-4494-B6E6-78F13B71BEBF} FreeGo version 4-->"C:\Program Files\FreeGo\unins000.exe" Free-info-->"C:\Program Files\Free-info\unins000.exe" FtpPublish - Psylon-->C:\Program Files\FtpPublish\FtpPublish.exe -uninstall Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF} Généatique 2007-->"C:\Program Files\Geneatique2007\unins000.exe" Gestionnaire pour appareils Windows Mobile-->MsiExec.exe /I{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8} GoodSync-->"C:\Program Files\Siber Systems\GoodSync\uninstall.exe" Google Calendar Sync-->"C:\Program Files\Google\Google Calendar Sync\uninstall.exe" Google Desktop Plugin - Google Video-->MsiExec.exe /I{97F89CB5-2E51-425E-B66B-BDAB6A08F628} Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3} Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall Google Video Uploader-->"C:\Program Files\Google Video\Uninstall.exe" GPL Ghostscript 8.63-->C:\Program Files\gs\uninstgs.exe "C:\Program Files\gs\gs8.63\uninstal.txt" GrabIt 1.7.2 Beta 3 (build 996)-->"C:\Program Files\GrabIt\unins000.exe" Granny in Paradise-->"C:\Program Files\Granny in Paradise\Uninstall.exe" HFX Volume 1-->MsiExec.exe /I{468B359F-BAEF-466F-BB82-5EDEA1D8B2FB} HFX Volume 2-->MsiExec.exe /I{37F79692-6F8A-487E-BF5A-A1E3227D9830} HFX Volume 3-->MsiExec.exe /I{659AC38D-6F03-47E9-A920-B54B45B15AB5} HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall Home Jukebox 0.8.4-->"C:\Program Files\Home Jukebox\unins000.exe" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Hyperspace Invader-->"C:\Program Files\Hyperspace Invader\Uninstall.exe" IETester v0.2.3 (remove only)-->"C:\Program Files\Core Services\IETester\uninstall.exe" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D} Intel® Network Connections 13.5.32.0-->MsiExec.exe /i{777AD08E-B32A-4456-AFE1-094DBECEB268} ARPREMOVE=1 Intel® Network Connections 13.5.32.0-->MsiExec.exe /i{777AD08E-B32A-4456-AFE1-094DBECEB268} ARPREMOVE=1 Intel® Matrix Storage Manager-->C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall JAlbum 7.4-->C:\Program Files\JAlbumWin\Uninstall.exe Jasc Animation Shop 3-->MsiExec.exe /I{174D5678-D941-433C-BD23-58A5C7B0D36D} Java 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF} Jerrycan V7.11-->"C:\Program Files\Jerrycan\unins000.exe" Jeteye for Internet Explorer 1.0.16-->MsiExec.exe /I{EC90DD3D-02AE-45A6-846D-17853427A45E} Joomlanet 1.0-->"C:\Program Files\Joomlanet\unins000.exe" Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3} KC Softwares IDPhotoStudio-->"C:\Program Files\KC Softwares\IDPhotoStudio\unins000.exe" KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355} Kit Runtime VB6.0-->C:\WINDOWS\st6unst.exe -n "C:\Windows\system32\ST6UNST.LOG" L&H TTS3000 Français-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\LHTTSFRF.inf, Uninstall La boite a couleurs version 1.6.15-->"C:\Program Files\LaBoiteACouleurs\unins000.exe" Lagoon 3D Screensaver 1.0-->"C:\Program Files\Lagoon 3D Screensaver\unins000.exe" LE PERE FOURAS EST DEVIN-->C:\Program Files\LE PERE FOURAS EST DEVIN\KillFouras.exe LeConjugueur-->"C:\Program Files\LeConjugueur\uninstall.exe" Lettriq-->"C:\Program Files\Lettriq\unins000.exe" Logitech Audio Echo Cancellation Component-->MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870} Logitech SetPoint 5.10-->MsiExec.exe /I{D3120436-1358-4253-9EB2-257FFE8CE1D9} Luxor 2-->"C:\Program Files\Luxor 2\Uninstall.exe" Luxor 3-->"C:\Program Files\Luxor 3\Uninstall.exe" Luxor: Quest for the Afterlife-->"C:\Program Files\Luxor - Quest for the Afterlife\Uninstall.exe" Ma-Config.com-->MsiExec.exe /X{8AFB8FC4-3EBA-4C67-943F-CF43DB2180F1} Magic Bullet Looks Studio-->C:\Windows\unvise32.exe C:\Program Files\Pinnacle\Studio 12\Plugins\RTFx\mblooksstudio.log Mahjong Towers Eternity-->"C:\Program Files\Mahjong Towers Eternity\Uninstall.exe" Mail Control-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E4DA2D8A-0C57-11D6-A4CD-0080AD00A465}\Setup.exe" -l0x40c MailWasher Pro 6.3 Fr-->C:\Program Files\Firetrust\MailWasher Pro\Uninstal.exe Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Manuel de l'appareil Windows Mobile®-->C:\Program Files\Windows Mobile Device Handbook\Windows Mobile Device Handbook\Bin\DHUninstall.exe MaxiCompte-->"C:\Program Files\MaxiCompte\unins000.exe" Media Add-ons pour Acronis True Image Home 2009-->MsiExec.exe /X{8B961557-75BB-4336-8167-90267ED34267} MelQuote-->"C:\Program Files\torris\MelQuote\unins000.exe" MemInfo (remove only)-->"C:\Program Files\MemInfo\uninstall.exe" mes données 1.0.0.7-->C:\Program Files\mes données\uninst.exe MesNews-->"C:\Program Files\MesNews\unins000.exe" Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe" Micro Application - Cartes animées-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2D991B91-55E2-4D32-AA6F-5A822CFC6E15}\setup.exe" -l0x40c Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31} Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Outlook Web Access S/MIME-->MsiExec.exe /X{6CF08AD2-00C5-4A63-B74B-2EFFFAFEBE1A} Microsoft Reader Text-to-Speech pour le français-->MsiExec.exe /X{6F1547AA-8DA7-4FAC-BA11-BE1659E7086E} Microsoft Reader-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B6F7DBE7-2FE2-458F-A738-B10832746036}\Setup.exe" -L0x40c Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E} Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft Virtual PC 2007-->MsiExec.exe /X{8A7CAA24-7B23-410B-A7C3-F994B0944160} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft Visual Studio 2005 Tools for Office Runtime-->MsiExec.exe /X{388E4B09-3E71-4649-8921-F44A3A2954A7} Mise à Jour Cartes Animées 2-->MsiExec.exe /X{4F1C3E6E-173C-4D28-AC34-B95ABA750724} Mise à jour du pilote du Gestionnaire pour appareils Windows Mobile-->MsiExec.exe /X{CB8CA439-DA83-419C-A4CF-5A0A50025144} Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe Morpheus Photo Animation Suite v3.10-->"C:\Program Files\Morpheus Photo Animation Suite\unins000.exe" Morphing FACILE 2.0.1.1-->"C:\Mng\unins000.exe" Mozilla Firefox (3.0.5)-->F:\Apps\PortableFirefox\firefox\uninstall\helper.exe Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe Mozilla Thunderbird (2.0.0.19)-->C:\FRAMAKEY\Apps\PortableThunderbird\App\thunderbird\uninstall\helper.exe MSN Pictures Displayer 4.5-->"C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe" /U MSN-->C:\Program Files\MSN\MsnInstaller\msniadm.exe /Action:ARP MSNdecrypter-->MsiExec.exe /I{351A42B8-ECB5-4C6F-B734-6CF997865D31} MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC} Musaic Box-->"C:\Program Files\Musaic Box\Uninstall.exe" MVision-->MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93} MyHeritage Family Tree Builder-->C:\MyHeritage\Bin\Uninstall.exe Nature 3D Screensaver 1.1-->"C:\Program Files\Nature 3D Screensaver\unins000.exe" NetPassword-->"C:\Program Files\NetPassword\unins000.exe" Notepad++-->C:\Program Files\Notepad++\uninstall.exe Nvu 1.0-->"C:\Program Files\Nvu\unins000.exe" ObjectDock Plus-->C:\PROGRA~1\Stardock\OBJECT~2\objectdock.exe /uninstall OLYMPUS Master 2-->MsiExec.exe /X{E68C446D-D95A-4160-AC39-DE7062422985} OLYMPUS muvee theaterPack-->MsiExec.exe /X{C3E74827-FA19-47D9-A1C7-16E744E0CE87} OmniGSoft Nine Hole Golf 1.0 (Trial Version)-->C:\Windows\WindowsMobile\OmniGSoft Nine Hole Golf 1.0 (Trial Version)\Uninstall.exe OmniGSoft Nine Hole Golf 1.0 (Trial Version) Orange Plug-in messagerie vocale 888-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{16E79B1D-D1C2-4CA6-8B23-F4D890E0DCB9}\Setup.exe" -l0x40c --AddRemove Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Package de pilotes Windows - eMPIA Technology Inc, (emAudio) MEDIA (08/31/2007 5.7.0831.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst32.exe /u C:\Windows\System32\DriverStore\FileRepository\emaudio.inf_6afbf8f6\emaudio.inf Passbox-->"C:\Program Files\Passbox2007\unins000.exe" PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5} PDFCreator Toolbar-->"C:\Windows\PDFCreator_Toolbar_Uninstaller_6533.exe" _?=C:\Program Files\PDFCreator Toolbar PDFCreator-->C:\Program Files\PDFCreator\unins000.exe PDF-XChange 3 Pro-->"C:\Program Files\Tracker Software\PDF-XChange 3 Pro\unins000.exe" Peggle Deluxe-->"C:\Program Files\Peggle Deluxe\Uninstall.exe" Pharaoh`s Mystery-->"C:\Program Files\Pharaoh`s Mystery\Uninstall.exe" Photo to Cartoon-->MsiExec.exe /I{77614EA5-B521-4604-9AF3-1ACF10826DD3} Photo! 3D Album and Photo! 3D ScreenSaver 1.2-->"C:\Program Files\Photo!\Photo! 3D Album\unins000.exe" PhotoFiltre Studio-->"C:\Program Files\PhotoFiltre Studio\Uninst.exe" Photosynth 2.0.1519.16-->MsiExec.exe /X{366E24C6-9097-4F63-BF42-3F3EF356A960} Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe" Pilote vidéo Pinnacle-->MsiExec.exe /X{5EB90C06-964F-4195-B83E-BD7E55C88415} Pinnacle Instant DVD Recorder-->MsiExec.exe /X{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB} Pinnacle Studio 12 Ultimate Plugins-->MsiExec.exe /I{D1860E6E-520E-4380-8433-E58E8F88B473} Pinnacle Studio 12-->MsiExec.exe /I{D041EB9E-890A-4098-8F94-51DA194AC72A} pocket Theme Manager 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4CCBA3A8-A938-4300-9E40-3018EA1FCBEE}\setup.exe" -l0x40c Poker Pop-->"C:\Program Files\Poker Pop\Uninstall.exe" PowerCinema NE for Everio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{39CEE1F2-12B6-4C50-9131-04BFCA110578}\setup.exe" -uninstall PowerDirector Express-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EDE721EC-870A-11D8-9D75-000129760D75}\setup.exe" -uninstall PowerPoint2007Installation-->MsiExec.exe /I{C173A216-005D-4047-8C62-E751680F66B5} PowerpointImageExtractor-->"C:\Program Files\PowerpointImageExtractor_V1_2\unins000.exe" PowerProducer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall proDAD Vitascene 1.0-->"C:\Program Files\proDAD\Vitascene-1.0\uninstall.exe" uninstall spcp PATHVERSION 1.0 MAINNAME Vitascene Programme de gestion Camera de Logitech®-->"C:\Program Files\Common Files\LogiShrd\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT ProShow Producer-->C:\Program Files\Photodex\ProShowProducer\proshow.exe . -u pserv.cpl (remove only)-->"C:\Program Files\p-nand-q.com\pserv.cpl\uninstall.exe" Puzzle Hero-->"C:\Program Files\Puzzle Hero\ReflexiveArcade\unins000.exe" QuickPar 0.9-->C:\Program Files\QuickPar\uninst.exe QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F} RawShooter essentials 2005-->C:\PROGRA~1\PIXMAN~1\RAWSHO~1.0\UNWISE.EXE C:\PROGRA~1\PIXMAN~1\RAWSHO~1.0\INSTALL.LOG RealArcade-->C:\Program Files\Real\RealArcade\Update\rnuninst.exe RealNetworks|RealArcade|1.2 RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Recettes de Cuisine 2004-->"C:\Program Files\LudoSoft\Recettes de Cuisine 2004\unins000.exe" Recover Keys-->"C:\Program Files\Recover Keys\unins000.exe" Registry Mechanic 7.0-->"C:\Program Files\Registry Mechanic\unins000.exe" RenMultiFiles Pro-->"C:\Program Files\torris\unins000.exe" RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe" RTFx Volume 2-->MsiExec.exe /I{08C8525A-1E21-4E90-81A6-ACA36A10908C} RVB-->"C:\Program Files\torris\RVB\unins000.exe" SAMSUNG Mobile Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe Samsung Mobile phone USB driver Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe Samsung PC Studio 3 USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x040c -removeonly Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly Sandlot Games Client Services-->"C:\Program Files\Common Files\Sandlot Shared\unins000.exe" Sauvegarde des Dossiers personnels Microsoft Outlook-->MsiExec.exe /X{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5} ScanSoft OmniPage 16-->MsiExec.exe /X{77AC2FA8-215F-4F67-90AF-59CD0375AF8B} Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85} Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7} Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2} Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B} Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77} Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85} Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F} Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC} Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C} Security Update for Visio 2007 (KB947590)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41} SetupAmelioreOrthographe-->MsiExec.exe /I{5C42CFD1-C069-4988-B169-29FDCA353045} SiSoftware Sandra Lite 2009.SP2-->"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009\unins000.exe" Slingo Supreme-->"C:\Program Files\Slingo Supreme\Uninstall.exe" SmartSound Quicktracks Plugin-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E} SmsDiscount-->"C:\Program Files\SmsDiscount.com\SmsDiscount\unins000.exe" SnagIt 8-->MsiExec.exe /I{93699C3E-005E-4294-87CA-F5B7DE2CD687} Sothink SWF Decompiler-->"C:\Program Files\SourceTec\Sothink SWF Decompiler\unins000.exe" Sothink SWF to Video Converter-->"C:\Program Files\SourceTec\Sothink SWF to Video Converter\unins000.exe" Sothink Web Video Downloader-->"C:\Program Files\SourceTec\Sothink Web Video Downloader Stand-alone\unins000.exe" Sparkle-->"C:\Program Files\Sparkle\Uninstall.exe" Spb Backup-->C:\Windows\WindowsMobile\SpbBackup\Uninstall.exe Spb Backup Spb Phone Suite-->C:\Windows\WindowsMobile\SpbPhoneSuite\Uninstall.exe Spb Phone Suite Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Star Defender III-->"C:\Program Files\Star Defender III\Uninstall.exe" Stardust Screen Saver Control 2003 (3.0.0.66)-->C:\Windows\unins000.exe Stardust Wallpaper Control 2003 (1.0.0.4)-->C:\Windows\unins001.exe Studio-Scrap : Kit-Fete-meres-->"C:\Program Files\Studio-Scrap\Kit-Fete-meres\unins000.exe" Studio-Scrap : Kit-St-Valentin-->"c:\program files\studio-scrap\Kit-St-Valentin\unins000.exe" Studio-Scrap : Textures-->"C:\Program Files\Studio-Scrap\Textures\unins000.exe" Studio-Scrap 2-->"C:\Program Files\Studio-Scrap\unins000.exe" Super Collapse! from GameHouse-->C:\PROGRA~1\GAMEHO~1\Collapse\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\Collapse\INSTALL.LOG SuperModelSolitaire-->C:\Windows\iun3405.exe c:\smsolita SureThing Express Labeler-->"C:\Program Files\SureThing Express Labeler\unins000.exe" Sweetopia-->"C:\Program Files\Sweetopia\Uninstall.exe" SWF Opener-->"C:\Program Files\UnH Solutions\SWF Opener\unins000.exe" SWF Printer Pro-->"C:\Program Files\SWF Printer Pro\unins000.exe" SWF Studio Version 3.5-->"C:\Program Files\Northcode\Studio3\unins000.exe" SWF To Video Scout PRO-->"C:\Program Files\SWF To Video Scout PRO\unins000.exe" SWF Video Converter 3.0 (build 3.0.20.77)-->"C:\Program Files\Eltima Software\SWF Video Converter\unins000.exe" swf2avi 0.3-->"C:\Program Files\swf2avi\unins000.exe" Synapse Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4D8E6D94-7E0A-4314-8D32-EF79431F1C7C}\SETUP.exe" -l0x40c -uninst -removeonly SyncBack-->"C:\Program Files\2BrightSparks\SyncBack\unins000.exe" The Three Musketeers-->"C:\Program Files\The Three Musketeers\Uninstall.exe" Theme Generator Smartphone-->MsiExec.exe /X{3E73284F-4184-4D0C-9517-FB7D01F33BCC} Theme Generator V2-->MsiExec.exe /X{4FD05420-333C-4233-94A6-9759430D6C2A} TomTom HOME 2.5.2.60-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe TopStyle (Version 3)-->"C:\Program Files\Bradbury\TopStyle3\unins000.exe" Travelogue 360: Paris-->"C:\Program Files\Travelogue 360 Paris\Uninstall.exe" Trellian SubmitWolf v8.0-->"C:\Program Files\TRELLIAN\SEO Toolkit v3.0\unins000.exe" Tropical Fish 3D Screensaver 1.1-->"C:\Program Files\Tropical Fish 3D Screensaver\unins000.exe" Turtix 2: Rescue Adventures-->"C:\Program Files\Turtix 2 - Rescue Adventures\Uninstall.exe" TweakVI-->"C:\Windows\TweakVI\uninstall.exe" "/U:C:\Program Files\TweakVI\Uninstall\uninstall.xml" TweakVista-->"C:\ProgramData\{0BC8968B-5A12-4C72-ACF4-4CC9A9A6F102}\TweakVista_Setup.exe" REMOVE=TRUE MODIFY=FALSE TweakVista-->C:\ProgramData\{0BC8968B-5A12-4C72-ACF4-4CC9A9A6F102}\TweakVista_Setup.exe Ulead PhotoImpact 12-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11AFE21E-B193-430D-B57A-DFF7815BB962}\Setup.exe" -l0x40c UltraVNC 1.0.5-->"C:\Program Files\UltraVNC\unins000.exe" Uniblue RegistryBooster 2009-->"C:\ProgramData\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}\Uniblue RegistryBooster.exe" REMOVE=TRUE MODIFY=FALSE Uniblue RegistryBooster 2009-->C:\ProgramData\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}\Uniblue RegistryBooster.exe Uniblue SpeedUpMyPC 2009-->"C:\ProgramData\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}\SpeedUpMyPC.exe" REMOVE=TRUE MODIFY=FALSE Uniblue SpeedUpMyPC 2009-->C:\ProgramData\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}\SpeedUpMyPC.exe Uniblue System Tweaker-->"C:\Program Files\Uniblue\System Tweaker\unins000.exe" Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756} Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278} Update for Outlook 2007 Junk Email Filter (kb959634)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {50C77E2F-5C1C-467D-9BC8-3CA07D28C9F2} USB Video Driver-->C:\Program Files\InstallShield Installation Information\{2758691A-2CDE-4942-A4AC-0E8F61FE2067}\setup.exe -runfromtemp -l0x040c -removeonly Valentine Musicbox 3D Screensaver 1.0-->"C:\Program Files\Valentine Musicbox 3D Screensaver\unins000.exe" VBA-->MsiExec.exe /I{C94E45B0-6AA6-4FB9-9AAE-22085F631880} VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971} VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B} VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.exe Virtual Earth 3D (Beta)-->MsiExec.exe /I{3CCB26F5-E2A7-4C91-8340-9149D7B7C2BE} Vista Manager-->MsiExec.exe /I{4E79AC14-1F0A-4044-B069-126EDCD2308F} Vista Start Menu-->C:\Program Files\Vista Start Menu\uninstall.exe Visual C++ 8.0 ATL (x86) WinSXS MSM-->MsiExec.exe /I{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E} Visual C++ 8.0 CRT (x86) WinSXS MSM-->MsiExec.exe /I{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E} Visual Studio 2005 Tools pour Office Second Edition Runtime-->c:\Program Files\Common Files\Microsoft Shared\VSTO\8.0\Microsoft Visual Studio 2005 Tools for Office Runtime\install.exe VuPassword-->"C:\Program Files\VuPassword\unins000.exe" widget_programmes-->MsiExec.exe /I{29C877B1-19D9-3F74-E86C-2ECF5028C087} Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52} Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E} Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1} Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} WinMorph™ 3.01-->"C:\Program Files\Debugmode\WinMorph\unins000.exe" WLM OSD Plugin-->MsiExec.exe /I{C7B341DC-6B64-4FF5-AB1F-C8E7D67182DE} World of Warcraft FREE Trial-->MsiExec.exe /X{02EBDBB9-4600-41D3-B566-40CB861511D2} Xobni-->"C:\Program Files\Xobni\Uninstall.exe" =====HijackThis Backups===== O3 - Toolbar: Jeteye - {EFC14E6A-61B2-421D-B2DD-710996357BF7} - mscoree.dll (file missing) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O9 - Extra button: Jeteye - {6A4BA46C-3EE9-48BF-AEBF-2C957669EEF3} - mscoree.dll (file missing) O23 - Service: Lettriq Drivers Auto Removal (pr2aqb2b) (pr2aqb2b) - Vocabelum Inc - C:\Windows\system32\pr2aqb2b.exe O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O3 - Toolbar: Jeteye - {EFC14E6A-61B2-421D-B2DD-710996357BF7} - mscoree.dll (file missing) O9 - Extra button: Jeteye - {6A4BA46C-3EE9-48BF-AEBF-2C957669EEF3} - mscoree.dll (file missing) O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\tuvvSjjK.dll,#1 O4 - HKLM\..\Run: [runner1] C:\Windows\faceback.exe 61A847B5BBF72810339E3F466188719AB689201522886B092CBD44BD8689220221DD3257 O2 - BHO: (no name) - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - (no file) O2 - BHO: (no name) - {DB9B8D42-1F15-4ED4-AAAE-F04426C8DFEC} - C:\Windows\system32\tuvWoOIY.dll (file missing) O3 - Toolbar: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - (no file) O2 - BHO: (no name) - {DB9B8D42-1F15-4ED4-AAAE-F04426C8DFEC} - C:\Windows\system32\tuvWoOIY.dll (file missing) O2 - BHO: (no name) - {A90200B3-697C-48C6-85FF-EB0838077657} - (no file) O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll O2 - BHO: Smart-Shopper - {4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E} - C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: (no name) - {DB9B8D42-1F15-4ED4-AAAE-F04426C8DFEC} - (no file) O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - (no file) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - (no file) O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - (no file) O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - (no file) O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - (no file) O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - (no file) ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AV: BitDefender Antivirus FW: Pare-feu BitDefender AS: BitDefender AntiSpam (disabled) AS: Spybot - Search and Destroy AS: Windows Defender System event log Le deuxième Logfile of random's system information tool 1.05 (written by random/random) Run by jacques at 2009-02-28 17:36:20 Microsoft® Windows Vista™ Professionnel Service Pack 1 System drive C: has 64 GB (23%) free of 280 GB Total RAM: 3069 MB (58% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:36:53, on 28/02/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Banque 3.0 Manager\Bin\Bq30tna.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Cordial\DLL_32\Integration_Cordial.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Vista Start Menu\VistaStartMenu.exe C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe C:\Program Files\SourceTec\Sothink Web Video Downloader Stand-alone\VideoDownloader.exe C:\Program Files\1&1\1&1 EasyLogin\EasyLogin.exe C:\Program Files\DNA\btdna.exe C:\Program Files\Synapse Développement\Synapse Update\Synapse Update.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Logitech\SetPoint II\SetpointII.exe C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe C:\Program Files\Stardock\ObjectDock\ObjectDock.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\mes données\OrangeDrvHome.exe C:\Program Files\BitTorrent\bittorrent.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\jacques\Desktop\RSIT.exe C:\Program Files\Trend Micro\HijackThis\jacques.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.nanterre.fr/Nanterre/login.aspx R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing) O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [WrtMon.exe] C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe" O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe" O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM O4 - HKLM\..\Run: [Agent BanqueManager] C:\Program Files\Banque 3.0 Manager\Bin\Bq30tna.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [integration de Cordial] C:\PROGRAM FILES\CORDIAL\DLL_32\INTEGRATION_CORDIAL.EXE O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [iSUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\VistaStartMenu.exe" O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [Web Video Downloader] "C:\Program Files\SourceTec\Sothink Web Video Downloader Stand-alone\VideoDownloader.exe" O4 - HKCU\..\Run: [1&1 EasyLogin] C:\Program Files\1&1\1&1 EasyLogin\EasyLogin.exe O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [sEO Soft] C:\stat(2)\stat.exe close 20 O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart O4 - HKCU\..\Run: [synapseUpdate] "C:\Program Files\Synapse Développement\Synapse Update\Synapse Update.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: MemInfo.lnk.disabled O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: SetPointII.lnk = ? O8 - Extra context menu item: &Point&&Go - C:\Program Files\Common Files\Expert System\PGPlatform\PGPlatform.htm O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - (no file) O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - (no file) O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: SWF To Video Scout PRO - {FBF9D685-BF2D-4337-9865-A4F86CC8A8CA} - C:\Program Files\SWF To Video Scout PRO\flashextract.exe O13 - Gopher Prefix: O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C0A72E0C-7647-4816-BAC9-1DAEBFB2FD5F}: NameServer = 212.27.40.241,212.27.40.240 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: uvnc_service - Unknown owner - C:\Program Files\UltraVNC\WinVNC.exe (file missing) O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe O23 - Service: XobniService - Xobni Corporation - C:\Program Files\Xobni\XobniService.exe -- End of file - 14487 bytes ======Scheduled tasks folder====== C:\Windows\tasks\User_Feed_Synchronization-{1E742D1F-C241-4604-92B9-3F1165097C90}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}] HelperObject Class - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll [2006-05-10 49152] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-10-24 308832] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-09-15 1562960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] Click-to-Call BHO - C:\Program Files\Windows Live\Messenger\wlchtc.dll [2009-02-06 73072] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}] C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2008-12-25 5804872] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-11 320920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-18 251504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-01-18 657904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-01-18 522224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-11 34816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2008-12-25 5804872] {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll [2006-05-10 131072] {95daa571-4def-4a6d-97d8-98a346672a24} - SYSTRAN Toolbar - C:\Windows\system32\mscoree.dll [2008-07-27 282112] {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll [2008-11-06 90112] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-18 251504] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-04-22 29744] "WrtMon.exe"=C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe [2006-09-20 20480] "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-12-04 186904] "BDAgent"=C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [2009-01-09 741376] "BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe [2008-10-17 69632] "OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe [2008-11-07 54576] "Agent BanqueManager"=C:\Program Files\Banque 3.0 Manager\Bin\Bq30tna.exe [2009-01-31 3587072] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-03 61440] "Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2008-10-10 69632] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920] "Integration de Cordial"=C:\PROGRAM FILES\CORDIAL\DLL_32\INTEGRATION_CORDIAL.EXE [2008-10-06 450632] "ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936] "ISUSPM Startup"=c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2006-03-20 213936] "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-15 3885408] "VistaStartMenu"=C:\Program Files\Vista Start Menu\VistaStartMenu.exe [2008-07-09 1331200] "RoboForm"=C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2008-12-25 160592] "Web Video Downloader"=C:\Program Files\SourceTec\Sothink Web Video Downloader Stand-alone\VideoDownloader.exe [2008-11-24 3257616] "1&1 EasyLogin"=C:\Program Files\1&1\1&1 EasyLogin\EasyLogin.exe [2009-02-13 2200576] "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2009-02-04 342848] "SEO Soft"=C:\stat(2)\stat.exe [2009-02-24 581632] "OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2008-11-07 95536] "SynapseUpdate"=C:\Program Files\Synapse Développement\Synapse Update\Synapse Update.exe [2008-06-17 491520] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\1&1 EasyLogin] C:\Program Files\1&1\1&1 EasyLogin\EasyLogin.exe [2009-02-13 2200576] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2008-10-29 165144] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2008-10-29 961432] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Agent Banque 3.0 Manager] C:\Program Files\Banque 3.0 Manager\Bin\Bq30tna.exe [2009-01-31 3587072] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Agent BanqueManager] C:\Program Files\Banque 3.0 Manager\Bin\Bq30tna.exe [2009-01-31 3587072] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe [2008-03-28 1743808] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart] C:\Program Files\eMule\emule.exe [2008-05-19 5877760] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser] C:\Program Files\Eraser\Eraser.exe [2007-12-23 916240] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Family Tree Builder Update] C:\MyHeritage\Bin\FTBCheckUpdates.exe [2009-01-14 113680] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.EXE [2008-10-10 69632] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanceurEasyBox] C:\Program Files\EasyBox\EasyBox.exe [2007-02-23 499699] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2008-11-07 95536] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpAgent] OpAgent.exe /agent [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe -atboottime [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SEO Soft] C:\stat(2)\stat.exe [2009-02-24 581632] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmsDiscount] C:\Program Files\SmsDiscount.com\SmsDiscount\SmsDiscount.exe [2008-09-15 8986936] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-03 61440] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-11 136600] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynapseUpdate] C:\Program Files\Synapse Développement\Synapse Update\Synapse Update.exe [2008-06-17 491520] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sync2] C:\Program Files\4Team Corporation\Sync2\Sync2.exe [2008-12-08 2807304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-12-09 234856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2008-10-29 4375312] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TweakVI] C:\Program Files\TweakVI\tweakvi.exe [2008-08-18 6034080] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ulcjfne] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2009] c:\program files\uniblue\registrybooster\StartRegistryBooster.exe [2008-08-26 99624] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-01-04 222504] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdc.exe [2007-01-24 563080] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BDARemote.lnk] C:\PROGRA~1\USBTV~1\EM28XX\BDAREM~1.EXE [2007-06-26 81997] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk] C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [2008-11-07 809488] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jacques^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MSN Pictures Displayer.lnk] C:\PROGRA~1\MSNPIC~1\MSNPIC~1.EXE [2007-11-06 4571136] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jacques^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Outil de notification Live Search.lnk] C:\Users\jacques\AppData\Roaming\MICROS~1\LIVESE~1\NOTIFI~1.EXE [2009-02-15 143360] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe SetPointII.lnk - C:\Program Files\Logitech\SetPoint II\SetpointII.exe C:\Users\jacques\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup MemInfo.lnk.disabled - C:\Program Files\MemInfo\meminfo.exe MSN Pictures Displayer.lnk - C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe Stardock ObjectDock.lnk - C:\Program Files\Stardock\ObjectDock\ObjectDock.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "authentication packages"=msv1_0 C:\Windows\system32\tuvWoOIY [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "RunStartupScriptSync"=1 "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 "EnableLUA"=0 "PromptOnSecureDesktop"=0 "SynchronousMachineGroupPolicy"=0 "SynchronousUserGroupPolicy"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoAutoTrayNotify"=0 "NoRecentDocsNetHood"=1 "NoResolveSearch"=1 "NoResolveTrack"=0 "NoSMBalloonTip"=1 "NoWelcomeScreen"=1 "NoDriveTypeAutoRun"=145 "TaskbarNoNotification"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoStrCmpLogical"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e77fbd4-1148-11dd-82d0-0019d1387982}] shell\AutoRun\command - H:\InstallTomTomHOME.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{558fb7f8-f3f4-11dc-967a-0019d1387982}] shell\AutoRun\command - F:\start.exe shell\FramaKey\command - F:\start.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56e1763e-03ae-11dd-9bc3-0019d1387982}] shell\AutoRun\command - E:\PortableRoboForm.exe shell\RoboForm2Go\command - E:\PortableRoboForm.exe ======List of files/folders created in the last 1 months====== 2009-02-28 17:36:20 ----D---- C:\rsit 2009-02-28 08:31:13 ----HDC---- C:\ProgramData\{51019853-129C-4EDE-9030-D5FD7BBD9AD0} 2009-02-28 07:55:36 ----SHD---- C:\Boot 2009-02-26 19:44:14 ----A---- C:\Windows\system32\WmiConf.txt 2009-02-26 18:40:32 ----D---- C:\ProgramData\ATI 2009-02-26 14:12:12 ----A---- C:\Windows\system32\XceedZip.dll 2009-02-26 14:12:09 ----D---- C:\Program Files\Driver-Soft 2009-02-26 09:45:58 ----A---- C:\Windows\system32\Valentine Musicbox 3D Screensaver.exe 2009-02-26 09:45:56 ----D---- C:\Program Files\Valentine Musicbox 3D Screensaver 2009-02-24 08:58:04 ----D---- C:\Program Files\Luxand 2009-02-24 08:57:47 ----D---- C:\Gst 2009-02-23 23:17:02 ----D---- C:\Program Files\Common Files\debugmode 2009-02-23 23:17:01 ----D---- C:\Program Files\Debugmode 2009-02-23 23:08:53 ----D---- C:\Mng 2009-02-23 22:37:31 ----H---- C:\Windows\system32\wodfamop.dll 2009-02-23 22:36:53 ----D---- C:\Program Files\Digital Photo Software 2009-02-22 17:04:48 ----D---- C:\Program Files\UnH Solutions 2009-02-22 16:24:17 ----D---- C:\Program Files\FaceMorpher 2009-02-22 15:36:39 ----D---- C:\Program Files\FaceMorpher Lite 2009-02-22 15:01:20 ----D---- C:\Users\jacques\AppData\Roaming\Malwarebytes 2009-02-22 15:01:12 ----D---- C:\ProgramData\Malwarebytes 2009-02-22 15:01:12 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-02-22 10:20:00 ----D---- C:\Program Files\Caricature Software 2009-02-19 21:30:02 ----D---- C:\Program Files\MailControl 2009-02-19 21:30:02 ----A---- C:\Windows\system32\Mcontrolxp32.dll 2009-02-19 21:30:01 ----A---- C:\Windows\system32\AOMTrace.dll 2009-02-15 20:37:55 ----D---- C:\Users\jacques\AppData\Roaming\calibre 2009-02-15 16:09:37 ----D---- C:\Program Files\Photosynth 2009-02-15 07:18:12 ----D---- C:\Program Files\Microsoft Office Outlook Connector 2009-02-14 18:47:13 ----A---- C:\Windows\gswin32.ini 2009-02-14 18:43:04 ----D---- C:\Program Files\gs 2009-02-14 16:32:44 ----D---- C:\Program Files\IrfanView 2009-02-13 18:29:29 ----D---- C:\Program Files\Turtix 2 - Rescue Adventures 2009-02-13 08:00:20 ----A---- C:\Windows\ntbtlog.txt 2009-02-12 18:07:49 ----A---- C:\ReadMe.txt 2009-02-11 07:18:24 ----A---- C:\Windows\system32\mshtml.dll 2009-02-11 07:18:23 ----A---- C:\Windows\system32\ieframe.dll 2009-02-11 07:18:22 ----A---- C:\Windows\system32\wininet.dll 2009-02-11 07:18:22 ----A---- C:\Windows\system32\urlmon.dll 2009-02-11 07:18:22 ----A---- C:\Windows\system32\msfeeds.dll 2009-02-11 07:18:22 ----A---- C:\Windows\system32\iertutil.dll 2009-02-11 07:18:21 ----A---- C:\Windows\system32\mstime.dll 2009-02-11 07:18:21 ----A---- C:\Windows\system32\jsproxy.dll 2009-02-10 20:37:31 ----D---- C:\Users\jacques\AppData\Roaming\System Tweaker 2009-02-10 20:30:39 ----D---- C:\Program Files\Jufsoft 2009-02-10 19:40:12 ----D---- C:\Users\jacques\AppData\Roaming\Uniblue 2009-02-10 19:39:30 ----D---- C:\Program Files\Uniblue 2009-02-10 19:38:04 ----HDC---- C:\ProgramData\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185} 2009-02-08 19:34:09 ----D---- C:\Program Files\Common Files\muvee Technologies 2009-02-08 19:33:41 ----A---- C:\Windows\system32\msvcr80.dll 2009-02-08 19:33:41 ----A---- C:\Windows\system32\msvcp80.dll 2009-02-08 19:33:41 ----A---- C:\Windows\system32\mfc80u.dll 2009-02-08 19:33:41 ----A---- C:\Windows\system32\atl80.dll 2009-02-08 10:13:50 ----HD---- C:\Program Files\InstallJammer Registry 2009-02-08 10:13:13 ----D---- C:\Program Files\calibre 2009-02-08 10:09:46 ----D---- C:\DSynchronize 2009-02-06 18:52:40 ----A---- C:\Windows\system32\sirenacm.dll 2009-02-04 23:42:05 ----D---- C:\Program Files\BitTorrent 2009-02-04 23:29:04 ----D---- C:\Users\jacques\AppData\Roaming\BitTorrent 2009-02-04 21:17:47 ----D---- C:\Windows\system32\QuickTime 2009-02-04 21:17:42 ----A---- C:\Windows\mmtvmj.ini 2009-02-04 21:17:42 ----A---- C:\Windows\m3jp2k.ini 2009-02-04 21:17:41 ----A---- C:\Windows\m3jpeg.ini 2009-02-04 21:17:38 ----A---- C:\Windows\system32\mplvpx.dll 2009-02-04 21:17:38 ----A---- C:\Windows\system32\mplvm6.dll 2009-02-04 21:17:38 ----A---- C:\Windows\system32\mplva6.dll 2009-02-04 21:17:37 ----A---- C:\Windows\system32\mplvw7.dll 2009-02-04 21:17:37 ----A---- C:\Windows\system32\mplaw7.dll 2009-02-04 21:17:37 ----A---- C:\Windows\system32\mplapx.dll 2009-02-04 21:17:37 ----A---- C:\Windows\system32\mplam6.dll 2009-02-04 21:17:37 ----A---- C:\Windows\system32\mplaa6.dll 2009-02-04 21:17:37 ----A---- C:\Windows\system32\cpuinf32.dll 2009-02-04 21:17:35 ----A---- C:\Windows\system32\unrar.dll 2009-02-04 21:17:19 ----D---- C:\Program Files\ACE Mega CoDecS Pack 2009-02-04 21:03:54 ----D---- C:\Program Files\DNA 2009-02-04 21:03:53 ----D---- C:\Users\jacques\AppData\Roaming\DNA 2009-02-04 19:21:32 ----D---- C:\Program Files\AnmSMP 2009-02-04 06:02:00 ----A---- C:\Windows\system32\ATIDEMGX.dll 2009-02-04 06:00:13 ----A---- C:\Windows\system32\Oemdspif.dll 2009-02-04 06:00:07 ----A---- C:\Windows\system32\atimuixx.dll 2009-02-04 06:00:01 ----A---- C:\Windows\system32\ati2edxx.dll 2009-02-04 05:59:50 ----A---- C:\Windows\system32\Ati2evxx.dll 2009-02-04 05:58:34 ----A---- C:\Windows\system32\Ati2evxx.exe 2009-02-04 05:11:38 ----A---- C:\Windows\system32\atioglxx.dll 2009-02-04 05:07:50 ----A---- C:\Windows\system32\amdpcom32.dll 2009-02-04 05:07:27 ----A---- C:\Windows\system32\atiadlxx.dll 2009-02-04 04:01:35 ----A---- C:\Windows\system32\aticalrt.dll 2009-02-04 04:01:23 ----A---- C:\Windows\system32\aticalcl.dll 2009-02-04 03:58:37 ----A---- C:\Windows\system32\aticaldd.dll 2009-02-02 20:05:27 ----D---- C:\Program Files\cemail 2009-02-02 05:40:33 ----D---- C:\Program Files\InstStudioScrap-Kit-St-Valentin 2009-02-02 05:01:28 ----D---- C:\ProgramData\Studio-Scrap2 2009-02-01 17:31:49 ----A---- C:\Windows\system32\cc3290mt.dll 2009-02-01 17:31:41 ----D---- C:\Users\jacques\AppData\Roaming\Studio-Scrap2 2009-02-01 17:30:01 ----D---- C:\Program Files\Studio-Scrap 2009-02-01 16:35:49 ----D---- C:\Program Files\InstStudio-Scrap 2009-02-01 16:21:34 ----A---- C:\Windows\MyHeritage.INI 2009-02-01 16:18:22 ----D---- C:\Users\jacques\AppData\Roaming\MyHeritage 2009-02-01 16:18:22 ----D---- C:\ProgramData\MyHeritage 2009-02-01 16:16:36 ----A---- C:\Windows\system32\PaintX.dll 2009-02-01 16:16:36 ----A---- C:\Windows\system32\ijl15.dll 2009-02-01 16:16:35 ----D---- C:\Users\jacques\AppData\Roaming\The Complete Genealogy Reporter - FTB 2009-02-01 16:16:09 ----D---- C:\MyHeritage 2009-02-01 08:04:36 ----D---- C:\Program Files\Artisteer 2 (Beta) 2009-02-01 07:55:54 ----A---- C:\Windows\system32\infocardapi.dll 2009-02-01 07:55:53 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2009-02-01 07:55:52 ----A---- C:\Windows\system32\PresentationHostProxy.dll 2009-02-01 07:55:52 ----A---- C:\Windows\system32\icardres.dll 2009-02-01 07:55:52 ----A---- C:\Windows\system32\icardagt.exe 2009-02-01 07:55:49 ----A---- C:\Windows\system32\PresentationNative_v0300.dll 2009-02-01 07:55:44 ----A---- C:\Windows\system32\PresentationHost.exe 2009-02-01 07:39:33 ----A---- C:\Windows\system32\dfshim.dll 2009-02-01 07:39:28 ----A---- C:\Windows\system32\mscoree.dll 2009-02-01 07:39:24 ----A---- C:\Windows\system32\netfxperf.dll 2009-02-01 07:39:04 ----A---- C:\Windows\system32\mscorier.dll 2009-02-01 07:38:55 ----A---- C:\Windows\system32\mscories.dll 2009-02-01 01:15:46 ----D---- C:\Users\jacques\AppData\Roaming\Artisteer 2009-02-01 01:14:47 ----D---- C:\Program Files\Artisteer 2009-01-31 22:26:32 ----D---- C:\Users\jacques\AppData\Roaming\BitDefender 2009-01-31 22:24:52 ----D---- C:\ProgramData\BitDefender 2009-01-31 22:03:19 ----D---- C:\Program Files\Common Files\BitDefender 2009-01-31 17:12:43 ----SHD---- C:\Config.Msi 2009-01-31 04:22:27 ----D---- C:\Windows\BDOSCAN8 2009-01-31 04:17:05 ----D---- C:\Windows\AU_Temp 2009-01-29 22:47:47 ----A---- C:\Windows\system32\b71e95ef-.txt 2009-01-29 22:13:06 ----A---- C:\Windows\system32\awtsSMeB.dll 2009-01-29 10:35:41 ----A---- C:\Windows\GestionDocument.ini 2009-01-29 09:42:36 ----D---- C:\ProgramData\BVRP Software 2009-01-29 09:42:23 ----D---- C:\Users\jacques\AppData\Roaming\Avanquest 2009-01-29 09:42:23 ----D---- C:\ProgramData\Avanquest 2009-01-29 09:41:24 ----D---- C:\Program Files\Avanquest ======List of files/folders modified in the last 1 months====== 2009-02-28 17:36:32 ----D---- C:\Windows\Prefetch 2009-02-28 17:36:25 ----D---- C:\Windows\Temp 2009-02-28 17:34:38 ----SHD---- C:\Windows\Installer 2009-02-28 17:29:25 ----D---- C:\Program Files\Mozilla Firefox 2009-02-28 17:26:15 ----D---- C:\Users\jacques\AppData\Roaming\MailWasherPro 2009-02-28 17:17:23 ----D---- C:\Windows\System32 2009-02-28 17:15:36 ----AD---- C:\ProgramData\TEMP 2009-02-28 08:31:13 ----HD---- C:\ProgramData 2009-02-28 08:06:12 ----A---- C:\Windows\CordialPro.INI 2009-02-28 08:04:02 ----D---- C:\Users\jacques\AppData\Roaming\Vista Start Menu 2009-02-28 07:56:39 ----D---- C:\Program Files\Microsoft Silverlight 2009-02-28 06:54:24 ----SHD---- C:\System Volume Information 2009-02-28 02:30:50 ----RD---- C:\Program Files 2009-02-28 02:28:06 ----D---- C:\Program Files\Common Files\Wise Installation Wizard 2009-02-28 02:27:16 ----D---- C:\Users\jacques\AppData\Roaming\SUPERAntiSpyware.com 2009-02-28 02:22:35 ----D---- C:\Windows\system32\drivers 2009-02-27 21:43:50 ----D---- C:\ProgramData\Google Updater 2009-02-27 21:36:49 ----D---- C:\Users\jacques\AppData\Roaming\GrabIt 2009-02-27 06:51:11 ----SD---- C:\ProgramData\Microsoft 2009-02-26 19:45:15 ----D---- C:\Windows\system32\catroot 2009-02-26 18:51:45 ----D---- C:\Program Files\ATI 2009-02-26 18:37:53 ----D---- C:\Windows 2009-02-26 18:15:34 ----HD---- C:\Program Files\InstallShield Installation Information 2009-02-26 17:43:38 ----RSD---- C:\Windows\assembly 2009-02-26 17:42:43 ----D---- C:\Program Files\ATI Technologies 2009-02-26 17:35:07 ----D---- C:\Windows\inf 2009-02-26 15:52:40 ----A---- C:\Windows\SWFConverter.INI 2009-02-26 13:13:41 ----D---- C:\Windows\Microsoft.NET 2009-02-26 13:08:18 ----D---- C:\Program Files\Cordial 2009-02-26 13:03:56 ----A---- C:\Windows\Cordial.INI 2009-02-26 13:00:21 ----A---- C:\Windows\win.ini 2009-02-26 09:46:15 ----D---- C:\Program Files\3Planesoft Screensaver Manager 2009-02-26 07:25:30 ----D---- C:\stat(2) 2009-02-24 20:39:19 ----D---- C:\Program Files\Morpheus Photo Animation Suite 2009-02-24 18:55:17 ----D---- C:\Program Files\Abrosoft 2009-02-24 03:02:51 ----D---- C:\ProgramData\Microsoft Help 2009-02-23 23:17:02 ----D---- C:\Program Files\Common Files 2009-02-23 22:36:01 ----D---- C:\Windows\Downloaded Installations 2009-02-23 21:46:52 ----D---- C:\Windows\Lhsp 2009-02-23 18:13:31 ----D---- C:\Users\jacques\AppData\Roaming\FileZilla 2009-02-22 19:45:59 ----D---- C:\Users\jacques\AppData\Roaming\Desktopicon 2009-02-22 19:00:44 ----A---- C:\Windows\system32\PerfStringBackup.INI 2009-02-22 13:22:29 ----D---- C:\Windows\system32\catroot2 2009-02-22 09:28:42 ----D---- C:\Program Files\Microsoft Office 2009-02-22 09:26:43 ----D---- C:\Program Files\MSECache 2009-02-21 19:03:06 ----D---- C:\Users\jacques\AppData\Roaming\Mozilla 2009-02-20 01:05:55 ----D---- C:\Program Files\eMule 2009-02-19 18:02:13 ----D---- C:\Program Files\EasyBox 2009-02-19 13:18:17 ----D---- C:\ProgramData\SlySoft 2009-02-19 13:17:45 ----SH---- C:\Windows\S36CC0AF8.tmp 2009-02-19 13:15:36 ----D---- C:\Program Files\SlySoft 2009-02-18 07:41:03 ----D---- C:\Program Files\Banque 3.0 Manager 2009-02-16 21:35:26 ----D---- C:\Program Files\FileZilla Client 2009-02-15 16:38:25 ----A---- C:\Windows\Iedit_.INI 2009-02-15 16:10:46 ----D---- C:\Windows\winsxs 2009-02-15 10:37:14 ----D---- C:\Windows\Minidump 2009-02-15 05:26:30 ----D---- C:\Program Files\Microsoft 2009-02-14 18:13:40 ----DC---- C:\Windows\system32\DRVSTORE 2009-02-14 18:13:40 ----D---- C:\Program Files\iPod 2009-02-14 12:14:02 ----D---- C:\ProgramData\Spybot - Search & Destroy 2009-02-14 12:13:14 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-02-13 13:18:58 ----D---- C:\Program Files\OLYMPUS 2009-02-12 03:04:41 ----D---- C:\Windows\Debug 2009-02-12 03:01:12 ----D---- C:\Program Files\Windows Mail 2009-02-10 21:03:29 ----D---- C:\Windows\system32\config 2009-02-08 21:07:52 ----D---- C:\Windows\Tasks 2009-02-08 15:27:17 ----D---- C:\Windows\pss 2009-02-07 21:00:03 ----D---- C:\Program Files\WinRAR 2009-02-05 22:00:04 ----D---- C:\Windows\system32\FxsTmp 2009-02-04 21:20:48 ----A---- C:\Windows\system.ini 2009-02-04 21:20:30 ----D---- C:\Program Files\QuickTime 2009-02-04 21:13:20 ----D---- C:\Program Files\DivX 2009-02-04 06:00:36 ----A---- C:\Windows\system32\atitmmxx.dll 2009-02-04 06:00:24 ----A---- C:\Windows\system32\atipdlxx.dll 2009-02-04 05:43:06 ----A---- C:\Windows\system32\atiumdag.dll 2009-02-04 05:22:03 ----A---- C:\Windows\system32\atiumdva.dll 2009-02-04 00:21:12 ----A---- C:\Windows\system32\mrt.exe 2009-02-02 20:19:29 ----D---- C:\Program Files\Free-info 2009-02-02 20:12:34 ----D---- C:\Program Files\Passbox2007 2009-02-02 05:44:53 ----RSD---- C:\Windows\Fonts 2009-02-01 09:20:19 ----D---- C:\Windows\rescache 2009-02-01 08:57:36 ----D---- C:\Windows\system32\fr-FR 2009-02-01 08:57:01 ----D---- C:\Windows\system32\XPSViewer 2009-02-01 08:57:01 ----D---- C:\Windows\system32\en-US 2009-02-01 08:57:00 ----D---- C:\Windows\system32\wbem 2009-02-01 07:13:08 ----D---- C:\temp 2009-02-01 06:46:19 ----D---- C:\BigFishGamesCache 2009-02-01 01:07:18 ----A---- C:\Windows\MAXLINK.INI 2009-02-01 00:10:45 ----A---- C:\Windows\bdagent.INI 2009-01-31 22:26:17 ----D---- C:\Program Files\BitDefender 2009-01-31 08:41:21 ----A---- C:\Windows\tsc.ini 2009-01-31 04:22:32 ----SD---- C:\Windows\Downloaded Program Files 2009-01-31 04:18:10 ----D---- C:\Windows\report 2009-01-31 04:17:51 ----A---- C:\Windows\vsapi32.dll 2009-01-31 04:17:51 ----A---- C:\Windows\BPMNT.dll 2009-01-31 04:17:05 ----A---- C:\Windows\GetServer.ini 2009-01-29 22:00:03 ----D---- C:\Windows\system32\Msdtc 2009-01-29 21:54:03 ----D---- C:\Windows\system32\spool 2009-01-29 21:54:02 ----D---- C:\Users\jacques\AppData\Roaming\MSN Pictures Displayer 2009-01-29 21:54:00 ----D---- C:\ProgramData\Ulead Systems 2009-01-29 21:53:54 ----D---- C:\Windows\registration 2009-01-29 16:16:05 ----D---- C:\Windows\system32\Tasks 2009-01-29 10:07:07 ----D---- C:\Users\jacques\AppData\Roaming\Apple Computer ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 BANTExt;Belarc SMBios Access; C:\Windows\System32\Drivers\BANTExt.sys [2005-04-07 3840] R1 bdftdif;bdftdif; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys [2008-11-17 136200] R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2008-01-21 350720] R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160] R1 Odptdi;Odptdi; \??\C:\Windows\system32\drivers\odptdi.sys [2007-12-06 46744] R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632] R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2007-02-18 232816] R2 BDVEDISK;BDVEDISK; \??\C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys [2008-10-06 82696] R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2008-11-07 44704] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-02-04 4303360] R3 bdfm;BDFM; C:\Windows\system32\drivers\bdfm.sys [2008-09-18 111112] R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\bdfndisf.sys [2008-10-17 104328] R3 bdfsfltr;bdfsfltr; C:\Windows\system32\DRIVERS\bdfsfltr.sys [2008-12-10 242184] R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys [2008-02-26 8448] R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-12-04 217728] R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2008-09-26 35472] R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2008-09-26 37392] R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2007-07-18 25624] R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2007-05-11 41888] R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520] R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328] S3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2008-03-27 97600] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-01-24 14336] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760] S3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2007-02-16 11984] S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [] S3 LVcKap;Logitech AEC Driver; C:\Windows\system32\DRIVERS\LVcKap.sys [2007-07-20 2109592] S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\Windows\system32\DRIVERS\LVMVDrv.sys [2007-07-20 2142488] S3 lvpopflt;Logitech POP Suppression Filter; C:\Windows\system32\DRIVERS\lvpopflt.sys [2007-05-12 1921184] S3 LVUVC;LVUVC; C:\Windows\system32\DRIVERS\lvuvc.sys [2007-05-11 3580832] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 Profos;Profos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys [2008-09-02 13056] S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-02-04 4303360] S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009\WNt500x86\Sandra.sys [2008-11-25 22432] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2007-07-03 80552] S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944] S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792] S3 Trufos;Trufos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys [2007-07-10 36736] S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2008-01-21 15872] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424] R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2009-02-04 729088] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504] R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-21 168432] R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-12-04 354840] R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe [2009-02-01 431424] R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-07-20 137752] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872] R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656] R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [2008-12-17 1581056] R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 XobniService;XobniService; C:\Program Files\Xobni\XobniService.exe [2008-07-23 36352] S2 uvnc_service;uvnc_service; C:\Program Files\UltraVNC\WinVNC.exe -service [] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-21 21504] S3 Arrakis3;BitDefender Arrakis Server; C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784] S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-27 34312] S3 BthServ;Service de prise en charge Bluetooth; C:\Windows\system32\svchost.exe [2008-01-21 21504] S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-04-22 29744] S3 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2007-07-20 186904] S3 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-05-11 142112] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-01-24 216232] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 scan;BitDefender Threat Scanner; C:\Windows\System32\svchost.exe [2008-01-21 21504] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-21 21504] S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2008-01-21 917504] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S4 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-06-03 611664] S4 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2008-10-29 554264] S4 CobBMService;Cobian Backup 8 service; C:\Program Files\Cobian Backup 8\cbService.exe [2007-09-27 499200] S4 Fax;Télécopie; C:\Windows\system32\fxssvc.exe [2008-01-21 523776] S4 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-06-15 654848] S4 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe [2008-11-07 121360] S4 pr2aqb2b;Lettriq Drivers Auto Removal (pr2aqb2b); C:\Windows\system32\pr2aqb2b.exe [2008-06-06 415088] S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2008-06-29 241734] S4 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009\RpcAgentSrv.exe [2008-12-11 98488] S4 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S4 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe [2008-03-20 181312] -----------------EOF-----------------
- le 28 février 2009
- 15 réponses
pc lent

jg92 a répondu à un(e) sujet de jg92 dans Analyses et éradication malwares

Bonsoir, Oui c'est revenu.
- le 27 février 2009
- 15 réponses
pc lent

jg92 a répondu à un(e) sujet de jg92 dans Analyses et éradication malwares

Bonjour, j'ai effectué les suppressions recommandées. pour les extra button smartshopper je les avais déjà retirer une première fois, je vais voir si cela revient, merci.
- le 26 février 2009
- 15 réponses
pc lent

jg92 a répondu à un(e) sujet de jg92 dans Analyses et éradication malwares

Bonsoir voici le log, merci de votre temps passer à m'aider Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:31:18, on 25/02/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\mobsync.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe C:\Program Files\Banque 3.0 Manager\Bin\Bq30tna.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Cordial\DLL_32\Integration_Cordial.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Vista Start Menu\VistaStartMenu.exe C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe C:\Program Files\SourceTec\Sothink Web Video Downloader Stand-alone\VideoDownloader.exe C:\Program Files\1&1\1&1 EasyLogin\EasyLogin.exe C:\Program Files\DNA\btdna.exe C:\Program Files\Logitech\SetPoint II\SetpointII.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe C:\Users\jacques\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe C:\Users\jacques\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Stardock\ObjectDock\ObjectDock.exe C:\Program Files\GrabIt\GrabIt.exe C:\Program Files\mes données\OrangeDrvHome.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.nanterre.fr/Nanterre/login.aspx R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: (no name) - {DB9B8D42-1F15-4ED4-AAAE-F04426C8DFEC} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing) O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [WrtMon.exe] C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe" O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe" O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM O4 - HKLM\..\Run: [Agent BanqueManager] C:\Program Files\Banque 3.0 Manager\Bin\Bq30tna.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [integration de Cordial] C:\PROGRAM FILES\CORDIAL\DLL_32\INTEGRATION_CORDIAL.EXE O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [iSUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\VistaStartMenu.exe" O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [Web Video Downloader] "C:\Program Files\SourceTec\Sothink Web Video Downloader Stand-alone\VideoDownloader.exe" O4 - HKCU\..\Run: [1&1 EasyLogin] C:\Program Files\1&1\1&1 EasyLogin\EasyLogin.exe O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [sEO Soft] C:\stat(2)\stat.exe close 20 O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: MemInfo.lnk.disabled O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe O4 - Startup: Outil de notification Live Search.lnk = C:\Users\jacques\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe O4 - Global Startup: SetPointII.lnk = ? O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - (no file) O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - (no file) O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: SWF To Video Scout PRO - {FBF9D685-BF2D-4337-9865-A4F86CC8A8CA} - C:\Program Files\SWF To Video Scout PRO\flashextract.exe O13 - Gopher Prefix: O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C0A72E0C-7647-4816-BAC9-1DAEBFB2FD5F}: NameServer = 212.27.40.241,212.27.40.240 O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: uvnc_service - Unknown owner - C:\Program Files\UltraVNC\WinVNC.exe (file missing) O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe O23 - Service: XobniService - Xobni Corporation - C:\Program Files\Xobni\XobniService.exe -- End of file - 14443 bytes
- le 25 février 2009
- 15 réponses
pc lent

jg92 a répondu à un(e) sujet de jg92 dans Analyses et éradication malwares

Bonjour, Voici le log demandé: Malwarebytes' Anti-Malware 1.34 Version de la base de données: 1798 Windows 6.0.6001 Service Pack 1 25/02/2009 07:57:28 mbam-log-2009-02-25 (07-57-28).txt Type de recherche: Examen complet (C:\|D:\|G:\|M:\|) Eléments examinés: 556488 Temps écoulé: 3 hour(s), 57 minute(s), 20 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)
- le 25 février 2009
- 15 réponses
pc lent

jg92 a posté un sujet dans Analyses et éradication malwares

bonsoir, Je trouve que mon pc sous vista pro 32 très lent sourtout en transfert de fichier depuis quelques temps, j'ai fais les recherche de malwares et de virus comme conseillier. Pouvez regarder mon log hijakthis, merci. Cordialement Jacques Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 07:34:08, on 23/02/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Safe mode Running processes: C:\Windows\Explorer.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.nanterre.fr/Nanterre/login.aspx R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: (no name) - {DB9B8D42-1F15-4ED4-AAAE-F04426C8DFEC} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing) O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [WrtMon.exe] C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe" O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe" O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM O4 - HKLM\..\Run: [Agent BanqueManager] C:\Program Files\Banque 3.0 Manager\Bin\Bq30tna.exe O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [integration de Cordial] C:\PROGRAM FILES\CORDIAL\DLL_32\INTEGRATION_CORDIAL.EXE O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [iSUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\VistaStartMenu.exe" O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKCU\..\Run: [Web Video Downloader] "C:\Program Files\SourceTec\Sothink Web Video Downloader Stand-alone\VideoDownloader.exe" O4 - HKCU\..\Run: [1&1 EasyLogin] C:\Program Files\1&1\1&1 EasyLogin\EasyLogin.exe O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [sEO Soft] C:\stat(2)\temp.exe close 20 O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [LanceurEasyBox] "C:\Program Files\EasyBox\EasyBox.exe" -AutoStart O4 - HKCU\..\Run: [uniblue RegistryBooster 2009] c:\program files\uniblue\registrybooster\StartRegistryBooster.exe O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: MemInfo.lnk.disabled O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe O4 - Startup: Outil de notification Live Search.lnk = C:\Users\jacques\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe O4 - Global Startup: SetPointII.lnk = ? O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll (file missing) O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll (file missing) O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: SWF To Video Scout PRO - {FBF9D685-BF2D-4337-9865-A4F86CC8A8CA} - C:\Program Files\SWF To Video Scout PRO\flashextract.exe O13 - Gopher Prefix: O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C0A72E0C-7647-4816-BAC9-1DAEBFB2FD5F}: NameServer = 212.27.40.241,212.27.40.240 O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: uvnc_service - Unknown owner - C:\Program Files\UltraVNC\WinVNC.exe (file missing) O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe O23 - Service: XobniService - Xobni Corporation - C:\Program Files\Xobni\XobniService.exe -- End of file - 13504 bytes
- le 23 février 2009
- 15 réponses

Connexion

jg92

Compteur de contenus

Inscription

Dernière visite

Type de contenu

Profils

Forums

Blogs

Tout ce qui a été posté par jg92

Apparemment problèmes détectés

Apparemment problèmes détectés

Apparemment problèmes détectés

Apparemment problèmes détectés

Apparemment problèmes détectés

Apparemment problèmes détectés

Apparemment problèmes détectés

Apparemment problèmes détectés

Apparemment problèmes détectés

Apparemment problèmes détectés

Apparemment problèmes détectés

Apparemment problèmes détectés

Apparemment problème détecté [sujet bloqué]

Apparemment problèmes détectés

Apparemment problème détecté [sujet bloqué]

Apparemment problème détecté [sujet bloqué]

pc lent et beaucoup de mémoire vive utilisée

pc lent

pc lent

pc lent

pc lent

pc lent

pc lent

pc lent

pc lent

Zebulon

Outils en ligne

Naviguer