Aller au contenu

platinium

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    75

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par platinium

  1. platinium
    http://cjoint.com/?DDsp1ZooGw0 Désolé pour l'oubli du ci-joint
  2. platinium
    Dans mes programmes j'ai : Adobe Flash Player 12 ActiveX et Adobe Flash Player 13 Plugin Dois-je désinstaller Flash Player 12?
  3. platinium
    Adobe Flash Player (je ne sais pas comment coller le rapport): You have version 13,0,0,182 installed
  4. platinium
    JavaUpdate (Pierre13) Rapport du 18\04\2014 à 14:17:21 PC de Berthalie Version de Windows : Windows 7 Home Premium Service Pack 1 (64 bits) Dernière version 7 Update 55 Aucune version de Java installée Dernière version Java 7 Update 55 installée ! Mise à jour automatique de Java désactivée. Fin du rapport. Le rapport est sur le bureau : C:\Users\Berthalie\Desktop\Rapport_JavaUpdate.txt
  5. platinium
    1er scan: Rapport de SFTGC (Pierre13) du Vendredi 18 Avril 2014 à 10:05:24 version : 2.0.0.66 Mis à jour le 07/02/2014 Outil lancé en Mode normal et En tant qu'administrateur Windows 7 Home Premium Service Pack 1 64 bits Tool start in C:\Users\Berthalie\Downloads 714 éléments supprimés => 30.73 Mo libérés. (5 mn 24 s) Warning !! **/!\** C:\Users\Berthalie\AppData\Local\Temp\avgnt.exe **/!\** Warning !! **/!\** C:\Users\Berthalie\AppData\Local\Temp\Quarantine.exe **/!\** Warning !! **/!\** C:\Users\Berthalie\AppData\Local\Temp\jrt\erunt\ERUNT.EXE **/!\** Warning !! **/!\** C:\Users\Berthalie\AppData\Local\Temp\jrt\erunt\ERUNT.EXE.manifest **/!\** C:\Users\Berthalie\AppData\Local\Temp\acro_rd_dir C:\Users\Berthalie\AppData\Local\Temp\AdwCleaner.jpg C:\Users\Berthalie\AppData\Local\Temp\AuthLog C:\Users\Berthalie\AppData\Local\Temp\avgnt.exe C:\Users\Berthalie\AppData\Local\Temp\Cleaning.ico C:\Users\Berthalie\AppData\Local\Temp\Donate.ico C:\Users\Berthalie\AppData\Local\Temp\EULA.txt C:\Users\Berthalie\AppData\Local\Temp\HP Support Framework C:\Users\Berthalie\AppData\Local\Temp\JRT.txt C:\Users\Berthalie\AppData\Local\Temp\Quarantine.exe C:\Users\Berthalie\AppData\Local\Temp\Report.ico C:\Users\Berthalie\AppData\Local\Temp\Scan.ico C:\Users\Berthalie\AppData\Local\Temp\Uninstall.ico C:\Users\Berthalie\AppData\Local\Temp\WPDNSE C:\Users\Berthalie\AppData\Local\Temp\updater_temp_truesuite\rollback C:\Users\Berthalie\AppData\Local\Temp\updater_temp_truesuite\updatefile.xml C:\Users\Berthalie\AppData\Local\Temp\jrt\APPID_clsid.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\APPID_files.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\appinit64_null.reg C:\Users\Berthalie\AppData\Local\Temp\jrt\appinit_null.reg C:\Users\Berthalie\AppData\Local\Temp\jrt\APPPATHS.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\APPROVEDEXTENSIONS_clsid.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\ask.bat C:\Users\Berthalie\AppData\Local\Temp\jrt\askCLSID.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\askregkey_x64.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\askregkey_x86.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\askregvalue_x64.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\askregvalue_x86.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\askservices.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\badAPPINIT.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\badFOLDERS.cfg C:\Users\Berthalie\AppData\Local\Temp\jrt\badFOLDERScom.cfg C:\Users\Berthalie\AppData\Local\Temp\jrt\badFOLDERSstart.cfg C:\Users\Berthalie\AppData\Local\Temp\jrt\badLNK.cfg C:\Users\Berthalie\AppData\Local\Temp\jrt\badvalues.cfg C:\Users\Berthalie\AppData\Local\Temp\jrt\BHO_clsid.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\BHO_name.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\browsermngr_keys.cfg C:\Users\Berthalie\AppData\Local\Temp\jrt\browsermngr_values.cfg C:\Users\Berthalie\AppData\Local\Temp\jrt\CHOICE.DAT C:\Users\Berthalie\AppData\Local\Temp\jrt\chrome.bat C:\Users\Berthalie\AppData\Local\Temp\jrt\CHRregkey_x64.cfg C:\Users\Berthalie\AppData\Local\Temp\jrt\CHRregkey_x86.cfg C:\Users\Berthalie\AppData\Local\Temp\jrt\CHR_extensions.cfg C:\Users\Berthalie\AppData\Local\Temp\jrt\CHR_open_x64.reg C:\Users\Berthalie\AppData\Local\Temp\jrt\CHR_open_x86.reg C:\Users\Berthalie\AppData\Local\Temp\jrt\clean_shortcut.vbs C:\Users\Berthalie\AppData\Local\Temp\jrt\CLSID_clsid.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\currentmd5.txt C:\Users\Berthalie\AppData\Local\Temp\jrt\CUT.DAT C:\Users\Berthalie\AppData\Local\Temp\jrt\datamngr_del.reg C:\Users\Berthalie\AppData\Local\Temp\jrt\defaultscope.cfg C:\Users\Berthalie\AppData\Local\Temp\jrt\delfolders.bat C:\Users\Berthalie\AppData\Local\Temp\jrt\delorphans.bat C:\Users\Berthalie\AppData\Local\Temp\jrt\ELEVATIONPOLICY_clsid.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\erunt C:\Users\Berthalie\AppData\Local\Temp\jrt\ev_clear.bat C:\Users\Berthalie\AppData\Local\Temp\jrt\EXT.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\FFbrowsermngr.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\FFextensions.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\FFpluginREG.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\FFplugins.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\FFprefs.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\FFregkey_x64.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\FFregkey_x86.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\FFwhtlist.cfg C:\Users\Berthalie\AppData\Local\Temp\jrt\FFXML.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\FFXPI.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\FF_open_x64.reg C:\Users\Berthalie\AppData\Local\Temp\jrt\FF_open_x86.reg C:\Users\Berthalie\AppData\Local\Temp\jrt\firefox.bat C:\Users\Berthalie\AppData\Local\Temp\jrt\FWCLSID.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\FWPolicy.bat C:\Users\Berthalie\AppData\Local\Temp\jrt\get.bat C:\Users\Berthalie\AppData\Local\Temp\jrt\IEwhtlst.cfg C:\Users\Berthalie\AppData\Local\Temp\jrt\iexplore.bat C:\Users\Berthalie\AppData\Local\Temp\jrt\IE_open_x64.reg C:\Users\Berthalie\AppData\Local\Temp\jrt\IE_open_x86.reg C:\Users\Berthalie\AppData\Local\Temp\jrt\IFEO.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\INTERFACE_clsid.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\JRT.bat C:\Users\Berthalie\AppData\Local\Temp\jrt\medfos.bat C:\Users\Berthalie\AppData\Local\Temp\jrt\MENUEXT.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\misc.bat C:\Users\Berthalie\AppData\Local\Temp\jrt\modules.bat C:\Users\Berthalie\AppData\Local\Temp\jrt\modules.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\moduleservices.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\newmd5.txt C:\Users\Berthalie\AppData\Local\Temp\jrt\NIRCMD.DAT C:\Users\Berthalie\AppData\Local\Temp\jrt\NOTIFY.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\PREAPPROVED_clsid.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\prelim.bat C:\Users\Berthalie\AppData\Local\Temp\jrt\PRODUCTS.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\REGhcr.cfg C:\Users\Berthalie\AppData\Local\Temp\jrt\REGhkcu_and_hklm_allow.cfg C:\Users\Berthalie\AppData\Local\Temp\jrt\REGhkcu_and_hklm_software.cfg C:\Users\Berthalie\AppData\Local\Temp\jrt\REGhkcu_software_appdatalow.cfg C:\Users\Berthalie\AppData\Local\Temp\jrt\REGhkcu_software_microsoft.cfg C:\Users\Berthalie\AppData\Local\Temp\jrt\REGhklm_software_classes.cfg C:\Users\Berthalie\AppData\Local\Temp\jrt\REGISTRYUSERSID.cfg C:\Users\Berthalie\AppData\Local\Temp\jrt\runvalues.bat C:\Users\Berthalie\AppData\Local\Temp\jrt\runvalues_x64.cfg C:\Users\Berthalie\AppData\Local\Temp\jrt\runvalues_x86.cfg C:\Users\Berthalie\AppData\Local\Temp\jrt\S1518COMPONENTS.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\searchlnk.bat C:\Users\Berthalie\AppData\Local\Temp\jrt\SED.DAT C:\Users\Berthalie\AppData\Local\Temp\jrt\sednewline.txt C:\Users\Berthalie\AppData\Local\Temp\jrt\services.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\serviceseventlog.cfg C:\Users\Berthalie\AppData\Local\Temp\jrt\SETTINGS_clsid.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\SHORTCUT.DAT C:\Users\Berthalie\AppData\Local\Temp\jrt\STATS_clsid.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\TDL4.bat C:\Users\Berthalie\AppData\Local\Temp\jrt\temp C:\Users\Berthalie\AppData\Local\Temp\jrt\TRACING.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\TYPELIB_clsid.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\UNINSTALL.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\UpgradeCodes.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\WGET.DAT C:\Users\Berthalie\AppData\Local\Temp\jrt\WOW6432NODE.dat C:\Users\Berthalie\AppData\Local\Temp\jrt\temp\null.txt C:\Users\Berthalie\AppData\Local\Temp\jrt\erunt\ERDNT.E_E C:\Users\Berthalie\AppData\Local\Temp\jrt\erunt\ERDNTDOS.LOC C:\Users\Berthalie\AppData\Local\Temp\jrt\erunt\ERDNTWIN.LOC C:\Users\Berthalie\AppData\Local\Temp\jrt\erunt\ERUNT.EXE C:\Users\Berthalie\AppData\Local\Temp\jrt\erunt\ERUNT.EXE.manifest C:\Users\Berthalie\AppData\Local\Temp\jrt\erunt\ERUNT.LOC C:\Users\Berthalie\AppData\Local\Temp\jrt\erunt\README.TXT C:\Users\Berthalie\AppData\Local\Temp\HP Support Framework\HPSF_Config1.dll C:\Users\Berthalie\AppData\LocalLow\Temp C:\Users\Berthalie\AppData\LocalLow\Microsoft\IME12 C:\Users\Berthalie\AppData\LocalLow\Microsoft\IMJP12 C:\Users\Berthalie\AppData\LocalLow\Microsoft\IMJP8_1 C:\Users\Berthalie\AppData\LocalLow\Microsoft\IMJP9_0 C:\Users\Berthalie\AppData\Local\Microsoft\Windows\History\desktop.ini C:\Users\Berthalie\AppData\Local\Microsoft\Windows\History\Low C:\Users\Berthalie\AppData\Local\Microsoft\Windows\History\Low\desktop.ini C:\Users\Berthalie\AppData\Local\Microsoft\Windows\History\History.IE5\container.dat C:\Users\Berthalie\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014041720140418 C:\Users\Berthalie\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014041820140419 C:\Users\Berthalie\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014041820140419\container.dat C:\Users\Berthalie\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014041720140418\container.dat C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Sqm C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\container.dat C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DAWK5RT6 C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QA29KILR C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QDRU5RUZ C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZFQM9NKL C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZFQM9NKL\6[1].png C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZFQM9NKL\banners[1] C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZFQM9NKL\bnrcore_1.0.15[1].js C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZFQM9NKL\findBanner[1].txt C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZFQM9NKL\header[1].png C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZFQM9NKL\img-banner[1].htm C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZFQM9NKL\img-banner[2].htm C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZFQM9NKL\Version[1].txt C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QDRU5RUZ\1011[1].swf C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QDRU5RUZ\104[1] C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QDRU5RUZ\blocker.min[1].js C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QDRU5RUZ\findBanner[1].txt C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QDRU5RUZ\findBanner[2].txt C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QDRU5RUZ\fwlink[1].htm C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QDRU5RUZ\iframe280[1].htm C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QDRU5RUZ\jquery.min[2].js C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QDRU5RUZ\logo_v2[1].png C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QDRU5RUZ\prodinstall[1].htm C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QA29KILR\1007[1].swf C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QA29KILR\6[1].css C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QA29KILR\banners[1] C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QA29KILR\bnr-tag_1.0.0[1].js C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QA29KILR\FR_Improve-my-protection[1].png C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QA29KILR\ie8[1].htm C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QA29KILR\img-banner[1].htm C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QA29KILR\reset[1].css C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QA29KILR\VersionSFT[1].txt C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DAWK5RT6\28016ffcbe8a1939af038a0db8cfb2f471a00311[1].htm C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DAWK5RT6\banners[1] C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DAWK5RT6\bnrcore_1.0.15[1].js C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DAWK5RT6\close[1].png C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DAWK5RT6\Default[1].aspx C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DAWK5RT6\findBanner[1].txt C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DAWK5RT6\img-banner[1].htm C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DAWK5RT6\include_img_banner[1].js C:\Users\Berthalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DAWK5RT6\zulgames_en_160_600[1].jpg C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\- Notre Louise.lnk C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\AdwCleaner[s0].lnk C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\desktop.ini C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\DSC_8497.lnk C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\DSC_8508.lnk C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\DSC_8516.lnk C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\DSC_8519.lnk C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\DSC_8530.lnk C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\DSC_8532.lnk C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\DSC_8535.lnk C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\DSC_8537.lnk C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\IMG_1024.lnk C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\27120106fa37318.customDestinations-ms C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\28c8b86deab549a1.customDestinations-ms C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\2a941cec0c8a3b27.customDestinations-ms C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\330457123f292452.customDestinations-ms C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5afe4de1b92fc382.customDestinations-ms C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\74d7f43c1561fc1e.customDestinations-ms C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\83b03b46dcd30a0e.customDestinations-ms C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\9645f58513b1a821.customDestinations-ms C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\969252ce11249fdd.customDestinations-ms C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccc0fa1b9f86f7b3.customDestinations-ms C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\1b4dd67f29cb1962.automaticDestinations-ms C:\Users\Berthalie\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\9b9cdc69c1c24e2b.automaticDestinations-ms C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\04AFA8793E5CDC4A81C6CD4554A30707 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\130ADF60D1B7B3CF82CC6CA82D961601_2CD9E2B64BF925DBA8B67036CF11760F C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\130ADF60D1B7B3CF82CC6CA82D961601_2FFE778CED2FD9BBAB74B5314F3440CA C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\130ADF60D1B7B3CF82CC6CA82D961601_A1FCA30AC310D8EAE948F012B2135AEE C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\130ADF60D1B7B3CF82CC6CA82D961601_EB064852E492029495F68A42B460783D C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\130ADF60D1B7B3CF82CC6CA82D961601_EC2B8F0C530DA57B6BD72F9ED19E4B95 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\130ADF60D1B7B3CF82CC6CA82D961601_F0ED2E2E4C18AF767323D306D9F72B9E C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\15C9B775FA7F2C683FD76888C21180E6_E27DFEC191FB94181AFA36FA5A594D4D C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\161B1C6D9CDC22FEB7269E395DF82F33_ACE2C216192F681278D474D3F3FB331A C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\17704B7A99D010A5658DCB9355B65471_5FEA55F2BCB4685A54058A290E2CED24 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1E1CC43385506AF5B63E01C28389BC6F C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\207B9FD92391B9B2A60A89B4C965D5DF C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\21253908F3CB05D51B1C2DA8B681A785 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\23B523C9E7746F715D33C6527C18EB9D C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2659C1A560AB92C9C29D4B2B25815AE8 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\26AD01F9C002FAD37427E734302383D8_E1DF8F31180BEED965CA2CD894B8B7B4 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\27371171D8BBA336302695C6CEB04833 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\29E7A8984BC663B2CB853E44E7863708_7A5E15A14C0F182689E403969B0457BE C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\30F7B429BB1DACA9B591B41E016BED66_F6024CD0767F1B4C9F060C7479C6DC83 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3130B1871A126520A8C47861EFE3ED4D C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\36F1F6A9CDED762616E5038B5267C2B4_FDDDF8D96BA7CD7FE0C690C86100959B C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\37C951188967C8EB88D99893D9D191FE C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C3948BE6E525B8A8CEE9FAC91C9E392_5BEB6C6453DB87D996BDBC5D90D34AE1 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C3948BE6E525B8A8CEE9FAC91C9E392_C8FA2A733FE2A95A8ABEB57315278F81 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3EF2DCFBD8E45DF4AF38995D1A2C2444_78D034884DE6DC9B5EA15551563873AC C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\40EB206A466C1F1175CCB23E825B3250 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\40FD9B63B9878C0428E679298CD161C2_8D1C9751FDAE411510AC1F5A302695B7 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4309200C3DBAD0F6F0DFACE9165FD092 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4859D5BAC918334C46BD5ECFE050190D C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\49514950C94E8026A2B06312597DFF49_33A0493B3756EC93EB52782457685E27 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\49514950C94E8026A2B06312597DFF49_569BD946168DB279A65378F7D088CFD0 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\49514950C94E8026A2B06312597DFF49_AFC22B77ED08EE3E2B28B6DE75CADDF5 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\49514950C94E8026A2B06312597DFF49_F4692EBD578D04048E176E82BB8369BB C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4B60F9F3A5B2E31C4D52DC308211D7B4 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\50B10292153912D05A7D970B383AACC4 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5457A8CE4B2A7499F8299A013B6E1C7C_7DCDC9B86C5DA37FEB2732F7D1A586E5 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5457A8CE4B2A7499F8299A013B6E1C7C_BD1446EE1580F7EA207C073F7ABA5015 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5457A8CE4B2A7499F8299A013B6E1C7C_D734EC3DD00546F46D368325396086B0 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5457A8CE4B2A7499F8299A013B6E1C7C_E638F9EA31276B58E6A32FDD5296AB01 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5457A8CE4B2A7499F8299A013B6E1C7C_E9FCAC30D964AFC39902EC989B1CC9E8 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5495C2E4531B22B3185CE59F8E73C447 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\566A973C3ADBC70963C072413659C1CB_D359469132EB07C98DE3BB9DA14221B3 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5C45AD19E3530EC4218F560AFC04C3F7 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6213E171AE581D2A101181BD4DC37197_9BEC5D040F5D2F1EE3CD01FA280B5632 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6213E171AE581D2A101181BD4DC37197_A18DA6B2AACEBE44DC2555A362CF9BD1 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6213E171AE581D2A101181BD4DC37197_EDE8B8BB80BB8CE893C2A5E172020DEE C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\67F6625BC22310D5C99DDE12020DBD90 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\696F3DE637E6DE85B458996D49D759AD C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\69CB1FD121A3CCB01B235A51441959D6_ECD4EA13E37531F4252022D60B1C8FCC C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AA3321A15A787985201D7A6820782F0_0AB46376AFB6F40B0426680E3025D384 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AA3321A15A787985201D7A6820782F0_35BFA9D40D21E81B408449EB9D85CCA4 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AA3321A15A787985201D7A6820782F0_4E35DE6F4FCFB7BE2C045F6B5ED89FC8 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AFA4286D305D35CF857C64AE01F5F72 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6B7AED56F69397028F35E77E6DD681FC C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BDC4BD492765EED974809D29642BE4C_29CEC4282F4E8C4D0242A435219E96EA C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BDC4BD492765EED974809D29642BE4C_D494156DA37C2FEABFB2C80879C32F7E C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6F0788892ECB795F56E658EDB1CA93AA_72B0992C5B7BCE707348E71AF60DD251 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6F0788892ECB795F56E658EDB1CA93AA_BF10DE8014156320643C29807F220F34 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\724BA1E3D2C377A06FA5FA54F984881F_204A0CEAE21E503F798B2869C9756D5D C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\72FB5B1C7905530E0DF39758E01A3573_68BBA175EC7B40C83DFC74EEDBAE81CE C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\72FB5B1C7905530E0DF39758E01A3573_B9516EA745B9469F500A97DB517D7329 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7396C420A8E1BC1DA97F1AF0D10BAD21 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_11D7BA58D75E54D622A3AD9CDF9905BB C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\74BFD122C0875EC75DBE5C6DB4C59019 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\74ED51A3D229FC7D437854B8EB97E847_3A88D3CC6A54C32191B054A2498A5470 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\778E847A069C51A89BE256E952A0B847_6A69EAF50FE22DDF702CEB4F9535D10E C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EDE1350D6A4830F58081495812F0B6 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\783DF2F5A7C9BC04C36663632D14B993_09E6BFC8958A4903B51F28C3DF0B32CC C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\783DF2F5A7C9BC04C36663632D14B993_169DE3439FD2D9FE0AE07883B5A27A1B C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\783DF2F5A7C9BC04C36663632D14B993_6C67FC20D6E627EA8FBFF0B449CB060B C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B2238AACCEDC3F1FFE8E7EB5F575EC9 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_25C57F273ED293BEE5D74C4D05249BA1 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_355DF12EAABE3F04A4C1AF592920E175 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_5442B1CAC753FE77C0664BB0A0BCD11E C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_8102C2D9BECD09FCBB2BC1857DCCAD50 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_83F500F551B7EE7C27E10C290B448CFB C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_8BF4BA22D20702BEE68EA4670A170EC1 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_8E53C663229525C77803EAE589F84C54 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_CD4662E1A7F15144990B9C9F03164C3A C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_FB6BD2AF592BD59C48D4520A31AC1EA3 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_FC9386660504DD089A3224FBCF3C0610 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7BB0ACA324B4F65640EBBD7813B49595_062959C5931BBE6012A98652EF1175E1 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7C1B7BA2D0A4C1307F3A4A532F819AA1_4AD3ACCBF8143C084378A3AE6D7BA712 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7C1B7BA2D0A4C1307F3A4A532F819AA1_FF6C5146232725C2AFED98CFFB2EB40C C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7D1F03728133589A90656A87E482B21F C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\855CF405355328EC482A28D56A44CFB0_4B2274C4F7D9E7D3BB5540980456589C C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\855CF405355328EC482A28D56A44CFB0_7B602C0559CEDC8151AAAA6054F02121 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\870143BC2A84A7707286615E35DA15B8_BF0C0FD39AF79DEA6B75CBCB04E75C3F C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8A574ED5927B3CEC9626151D220C7448 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8DE3549A52F67902ED1B5FC4A6516018_EC78A5462A3E0BF522D459DB037C5E74 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8DFDF057024880D7A081AFBF6D26B92F C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8EBFACB3A66359F9514D044C86BA4794 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8EDCF682921FE94F4A02A43CD1A28E6B C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\91ECFED5143F7F4F4576655D8EFAB51C_04445B39B6A5C29AFCDC2E600F84FCE5 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\91ECFED5143F7F4F4576655D8EFAB51C_116E0776FABEE27563E59B5DCFE5B787 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\91ECFED5143F7F4F4576655D8EFAB51C_1599A1BD89E4FD9E6C0432D7F1FE2E3E C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\91ECFED5143F7F4F4576655D8EFAB51C_1F847B9F56D0487C4E3C0F43B0A50367 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\91ECFED5143F7F4F4576655D8EFAB51C_37986E7148B5C3F4E2DF7D19135F4E3A C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\91ECFED5143F7F4F4576655D8EFAB51C_4BF9E091F7E646918992616FB44457D6 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\91ECFED5143F7F4F4576655D8EFAB51C_666F1D3A3D713572DDE776889297E3BF C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\91ECFED5143F7F4F4576655D8EFAB51C_B50332442695DF0E283683ACF96E2CF4 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\91ECFED5143F7F4F4576655D8EFAB51C_CA8E6BAF2163B000DBA095FE24D16796 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\91ECFED5143F7F4F4576655D8EFAB51C_CBCA69097376DA9DA7430ABB06FF62C7 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9412CC2E99E8A8FC358ECAE030C18777_F705268D627529F1E6D7B07D775FF3D1 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\944E5B697BC46FE14AB888AE8A1EBB99_F5AF2537D1326ADDEF00682F78B01600 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9CD8982C888AB544945893084BD7523A C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A1377F7115F1F126A15360369B165211 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A3C4F17BF8CB09C3DF2A086B36306B5C_5A36D6657FCC1B291A94663A41B29CAF C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A3C4F17BF8CB09C3DF2A086B36306B5C_64D61C743A62FC6C7EEFB3648C899BA3 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A3C4F17BF8CB09C3DF2A086B36306B5C_725548FF661BEA9BF8B318D6DE0D65A3 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A3C4F17BF8CB09C3DF2A086B36306B5C_D1DFAACDA915CAB777DA6BE626C028D0 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A44F4E7CB3133FF765C39A53AD8FCFDD C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\AC68F0EC5FC952A7A923830D1455D48A_2C3E2A57F4FC4E8972A90353149C7FCA C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\AC68F0EC5FC952A7A923830D1455D48A_5460A172018674FD1BB2F09B29BFAA93 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\AC68F0EC5FC952A7A923830D1455D48A_54A926F047C5E9ED8CC95EBC9148D686 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\AC68F0EC5FC952A7A923830D1455D48A_FCFC66F418C63C037A5CF64799E8FE0F C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\AC9005F5466BD463DF06D711B370595F C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B03A867CCE8C94003ED3DCC89C3DD995_A311BEB00EC8C3DC3AA3E9E3714AB61C C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B1D4D8DB6B8F8A95577A5F09D0390539_400415EBB5E3145DF4A9DA90BCA63E4A C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B3BB9C1BA2D19E090AE305B2683903A0_6F0A84CE2BA99BD19D42C92610275852 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B42E313F2D821AB5B9273588F81A55DE_D1A15199BCC0F9B8A0F830314290090D C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B681B8816EE79EAEAA5CA7DA9EC0DC58 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B8CC409ACDBF2A2FE04C56F2875B1FD6 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B90B117906B8A74C79D1BC450C2B94B1_A54F26A8A41DE52C237D54D67F12793F C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BD85B81BE34604D821EAF87C55F22BD6 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BD8A14C7C024625432CC03FE72E47EF0_56D5A51152132FA716821C1361187213 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BD8A14C7C024625432CC03FE72E47EF0_872636078BFDECCA7801B30FDCF1D3E8 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BD8A14C7C024625432CC03FE72E47EF0_CE8FCC7861C3AD5B2C06B958AD7EFCBD C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C29AA1B9D7AA8A9381D2CBB3F631AA4B_0DAD6DEE6F90D3B9E1FB7D785AB95B54 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C29AA1B9D7AA8A9381D2CBB3F631AA4B_25AFD186FF8E97F61DEAE11E102C8C7D C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C29AA1B9D7AA8A9381D2CBB3F631AA4B_33005E9CE1439A08448B3677831DEC4A C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C29AA1B9D7AA8A9381D2CBB3F631AA4B_BDCB11EDB220145E6AA04B43A6A691E0 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C437972632A488222EA069E1572887C7_9AD1C6A04DF1BBA89E35E1142E44AE70 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E7EC0C85688F4738F3BE49B104BA67 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CA7B2D59B4E9BC2D316D1AECDFC12F63_3CA74E0A123CBB3FAC884E7D489378A4 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CA7B2D59B4E9BC2D316D1AECDFC12F63_442F62E31D7538913A8A7C178BB02351 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CA7B2D59B4E9BC2D316D1AECDFC12F63_6C3560C0AC81229258617DB5E2DCE549 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CA7B2D59B4E9BC2D316D1AECDFC12F63_6F1839EFC65862DD6DC8C47E2F559EE9 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CA7B2D59B4E9BC2D316D1AECDFC12F63_7E894EE055673D354892381460F8723B C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CA7B2D59B4E9BC2D316D1AECDFC12F63_887C5B14D3A10313798BC9D6914E04D4 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CA7B2D59B4E9BC2D316D1AECDFC12F63_9F4C1DCDD33B1F186F26F25668FE9446 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CA7B2D59B4E9BC2D316D1AECDFC12F63_A3F22A5A651285965E2D6280D83B8A8E C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CA7B2D59B4E9BC2D316D1AECDFC12F63_C1E12B24931DF30EF8125657DA7A408C C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CA7B2D59B4E9BC2D316D1AECDFC12F63_D1C8DE338CE424F23183895E7A74CCDA C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CA7B2D59B4E9BC2D316D1AECDFC12F63_DC45763E07EB319604D041473985FAB1 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D0197CD123129A6D466C5F0FC1584EA2_3C6C7459D4DE3406C1DF8350D5E28578 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D0197CD123129A6D466C5F0FC1584EA2_A07B271B210AFDA931AF4C4F232C0F42 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D41693DAFE5DEF0C36959FF1FCEF5C96 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D473E9C373099A94D5057303FDF0EE65_39B17C5C97CD64B7EE78FBDFB2D76D63 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D473E9C373099A94D5057303FDF0EE65_96368193DB9EC7266694A8BFD367AE68 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DBC3362DBFFA16F9E029A084D14E23BE_A6D84554AA391CDF15CBB81FDFEB4FE4 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E5F99F8CA677C9C5793DF9906EE2DCB6_B7A2A485FC61D92650C9D33F1FBC5CB1 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E5F99F8CA677C9C5793DF9906EE2DCB6_FA69CC746B175989B0FDC2BBFA2BD56B C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E6DAA7489C9999D36D1B356E8A295618_33FFC905DCEFE27BD00B1C864B56ED1F C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E73301198D57B204A7AC7683421E6AA2_368B0C0F5792CD75E7493A4B89330809 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EE44ECA143B76F2B9F2A5AA75B5D1EC6_847118BE2683F0C241D1D702F3A3F5F9 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F1C855F22DF0DAE61534ED3C04DC4B58 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F4D9C889B7AEBCF4E1A2DAABC5C3628A_00F5AF71618C982E40FC3BCCA46C1720 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F4D9C889B7AEBCF4E1A2DAABC5C3628A_7C51EAC10E1F61E24EF3E67B7197082C C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F6DEB9C1F3251400F7D6EB743CB14FB4 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F72943F1E01540BBACB5396C76DD6AAA C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F90F18257CBB4D84216AC1E1F3BB2C76 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F99CAC852E278659C1E715225DD11A14_C5CBD28A214631231AF2C849ED7E6529 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FA2ED4B1D143A5F4D252B12985E8E892_BE47D82D5F48CA33260EF1F487D1A9D3 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FB788E090BC1F3AA2FBC9E8FB2859601 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FCD2CC3451EF5F3DB8D4B7DD511B2F77_15830152B5AC9D41315595DF755D816F C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FCEA474F228C13CD0DAD678431D0ACFC C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\04AFA8793E5CDC4A81C6CD4554A30707 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\130ADF60D1B7B3CF82CC6CA82D961601_2CD9E2B64BF925DBA8B67036CF11760F C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\130ADF60D1B7B3CF82CC6CA82D961601_2FFE778CED2FD9BBAB74B5314F3440CA C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\130ADF60D1B7B3CF82CC6CA82D961601_A1FCA30AC310D8EAE948F012B2135AEE C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\130ADF60D1B7B3CF82CC6CA82D961601_EB064852E492029495F68A42B460783D C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\130ADF60D1B7B3CF82CC6CA82D961601_EC2B8F0C530DA57B6BD72F9ED19E4B95 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\130ADF60D1B7B3CF82CC6CA82D961601_F0ED2E2E4C18AF767323D306D9F72B9E C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\15C9B775FA7F2C683FD76888C21180E6_E27DFEC191FB94181AFA36FA5A594D4D C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\161B1C6D9CDC22FEB7269E395DF82F33_ACE2C216192F681278D474D3F3FB331A C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\17704B7A99D010A5658DCB9355B65471_5FEA55F2BCB4685A54058A290E2CED24 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1E1CC43385506AF5B63E01C28389BC6F C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\207B9FD92391B9B2A60A89B4C965D5DF C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\21253908F3CB05D51B1C2DA8B681A785 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\23B523C9E7746F715D33C6527C18EB9D C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2659C1A560AB92C9C29D4B2B25815AE8 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\26AD01F9C002FAD37427E734302383D8_E1DF8F31180BEED965CA2CD894B8B7B4 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\27371171D8BBA336302695C6CEB04833 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\29E7A8984BC663B2CB853E44E7863708_7A5E15A14C0F182689E403969B0457BE C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\30F7B429BB1DACA9B591B41E016BED66_F6024CD0767F1B4C9F060C7479C6DC83 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3130B1871A126520A8C47861EFE3ED4D C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\36F1F6A9CDED762616E5038B5267C2B4_FDDDF8D96BA7CD7FE0C690C86100959B C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\37C951188967C8EB88D99893D9D191FE C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C3948BE6E525B8A8CEE9FAC91C9E392_5BEB6C6453DB87D996BDBC5D90D34AE1 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C3948BE6E525B8A8CEE9FAC91C9E392_C8FA2A733FE2A95A8ABEB57315278F81 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3EF2DCFBD8E45DF4AF38995D1A2C2444_78D034884DE6DC9B5EA15551563873AC C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\40EB206A466C1F1175CCB23E825B3250 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\40FD9B63B9878C0428E679298CD161C2_8D1C9751FDAE411510AC1F5A302695B7 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4309200C3DBAD0F6F0DFACE9165FD092 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4859D5BAC918334C46BD5ECFE050190D C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\49514950C94E8026A2B06312597DFF49_33A0493B3756EC93EB52782457685E27 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\49514950C94E8026A2B06312597DFF49_569BD946168DB279A65378F7D088CFD0 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\49514950C94E8026A2B06312597DFF49_AFC22B77ED08EE3E2B28B6DE75CADDF5 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\49514950C94E8026A2B06312597DFF49_F4692EBD578D04048E176E82BB8369BB C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4B60F9F3A5B2E31C4D52DC308211D7B4 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\50B10292153912D05A7D970B383AACC4 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5457A8CE4B2A7499F8299A013B6E1C7C_7DCDC9B86C5DA37FEB2732F7D1A586E5 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5457A8CE4B2A7499F8299A013B6E1C7C_BD1446EE1580F7EA207C073F7ABA5015 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5457A8CE4B2A7499F8299A013B6E1C7C_D734EC3DD00546F46D368325396086B0 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5457A8CE4B2A7499F8299A013B6E1C7C_E638F9EA31276B58E6A32FDD5296AB01 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5457A8CE4B2A7499F8299A013B6E1C7C_E9FCAC30D964AFC39902EC989B1CC9E8 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5495C2E4531B22B3185CE59F8E73C447 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\566A973C3ADBC70963C072413659C1CB_D359469132EB07C98DE3BB9DA14221B3 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5C45AD19E3530EC4218F560AFC04C3F7 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6213E171AE581D2A101181BD4DC37197_9BEC5D040F5D2F1EE3CD01FA280B5632 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6213E171AE581D2A101181BD4DC37197_A18DA6B2AACEBE44DC2555A362CF9BD1 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6213E171AE581D2A101181BD4DC37197_EDE8B8BB80BB8CE893C2A5E172020DEE C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\67F6625BC22310D5C99DDE12020DBD90 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\696F3DE637E6DE85B458996D49D759AD C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\69CB1FD121A3CCB01B235A51441959D6_ECD4EA13E37531F4252022D60B1C8FCC C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AA3321A15A787985201D7A6820782F0_0AB46376AFB6F40B0426680E3025D384 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AA3321A15A787985201D7A6820782F0_35BFA9D40D21E81B408449EB9D85CCA4 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AA3321A15A787985201D7A6820782F0_4E35DE6F4FCFB7BE2C045F6B5ED89FC8 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AFA4286D305D35CF857C64AE01F5F72 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6B7AED56F69397028F35E77E6DD681FC C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BDC4BD492765EED974809D29642BE4C_29CEC4282F4E8C4D0242A435219E96EA C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BDC4BD492765EED974809D29642BE4C_D494156DA37C2FEABFB2C80879C32F7E C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6F0788892ECB795F56E658EDB1CA93AA_72B0992C5B7BCE707348E71AF60DD251 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6F0788892ECB795F56E658EDB1CA93AA_BF10DE8014156320643C29807F220F34 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\724BA1E3D2C377A06FA5FA54F984881F_204A0CEAE21E503F798B2869C9756D5D C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\72FB5B1C7905530E0DF39758E01A3573_68BBA175EC7B40C83DFC74EEDBAE81CE C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\72FB5B1C7905530E0DF39758E01A3573_B9516EA745B9469F500A97DB517D7329 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7396C420A8E1BC1DA97F1AF0D10BAD21 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_11D7BA58D75E54D622A3AD9CDF9905BB C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\74BFD122C0875EC75DBE5C6DB4C59019 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\74ED51A3D229FC7D437854B8EB97E847_3A88D3CC6A54C32191B054A2498A5470 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\778E847A069C51A89BE256E952A0B847_6A69EAF50FE22DDF702CEB4F9535D10E C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EDE1350D6A4830F58081495812F0B6 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\783DF2F5A7C9BC04C36663632D14B993_09E6BFC8958A4903B51F28C3DF0B32CC C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\783DF2F5A7C9BC04C36663632D14B993_169DE3439FD2D9FE0AE07883B5A27A1B C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\783DF2F5A7C9BC04C36663632D14B993_6C67FC20D6E627EA8FBFF0B449CB060B C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B2238AACCEDC3F1FFE8E7EB5F575EC9 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_25C57F273ED293BEE5D74C4D05249BA1 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_355DF12EAABE3F04A4C1AF592920E175 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_5442B1CAC753FE77C0664BB0A0BCD11E C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_8102C2D9BECD09FCBB2BC1857DCCAD50 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_83F500F551B7EE7C27E10C290B448CFB C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_8BF4BA22D20702BEE68EA4670A170EC1 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_8E53C663229525C77803EAE589F84C54 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_CD4662E1A7F15144990B9C9F03164C3A C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_FB6BD2AF592BD59C48D4520A31AC1EA3 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_FC9386660504DD089A3224FBCF3C0610 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7BB0ACA324B4F65640EBBD7813B49595_062959C5931BBE6012A98652EF1175E1 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7C1B7BA2D0A4C1307F3A4A532F819AA1_4AD3ACCBF8143C084378A3AE6D7BA712 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7C1B7BA2D0A4C1307F3A4A532F819AA1_FF6C5146232725C2AFED98CFFB2EB40C C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7D1F03728133589A90656A87E482B21F C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\855CF405355328EC482A28D56A44CFB0_4B2274C4F7D9E7D3BB5540980456589C C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\855CF405355328EC482A28D56A44CFB0_7B602C0559CEDC8151AAAA6054F02121 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\870143BC2A84A7707286615E35DA15B8_BF0C0FD39AF79DEA6B75CBCB04E75C3F C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8A574ED5927B3CEC9626151D220C7448 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8DE3549A52F67902ED1B5FC4A6516018_EC78A5462A3E0BF522D459DB037C5E74 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8DFDF057024880D7A081AFBF6D26B92F C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8EBFACB3A66359F9514D044C86BA4794 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8EDCF682921FE94F4A02A43CD1A28E6B C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\91ECFED5143F7F4F4576655D8EFAB51C_04445B39B6A5C29AFCDC2E600F84FCE5 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\91ECFED5143F7F4F4576655D8EFAB51C_116E0776FABEE27563E59B5DCFE5B787 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\91ECFED5143F7F4F4576655D8EFAB51C_1599A1BD89E4FD9E6C0432D7F1FE2E3E C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\91ECFED5143F7F4F4576655D8EFAB51C_1F847B9F56D0487C4E3C0F43B0A50367 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\91ECFED5143F7F4F4576655D8EFAB51C_37986E7148B5C3F4E2DF7D19135F4E3A C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\91ECFED5143F7F4F4576655D8EFAB51C_4BF9E091F7E646918992616FB44457D6 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\91ECFED5143F7F4F4576655D8EFAB51C_666F1D3A3D713572DDE776889297E3BF C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\91ECFED5143F7F4F4576655D8EFAB51C_B50332442695DF0E283683ACF96E2CF4 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\91ECFED5143F7F4F4576655D8EFAB51C_CA8E6BAF2163B000DBA095FE24D16796 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\91ECFED5143F7F4F4576655D8EFAB51C_CBCA69097376DA9DA7430ABB06FF62C7 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9412CC2E99E8A8FC358ECAE030C18777_F705268D627529F1E6D7B07D775FF3D1 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\944E5B697BC46FE14AB888AE8A1EBB99_F5AF2537D1326ADDEF00682F78B01600 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9CD8982C888AB544945893084BD7523A C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A1377F7115F1F126A15360369B165211 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A3C4F17BF8CB09C3DF2A086B36306B5C_5A36D6657FCC1B291A94663A41B29CAF C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A3C4F17BF8CB09C3DF2A086B36306B5C_64D61C743A62FC6C7EEFB3648C899BA3 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A3C4F17BF8CB09C3DF2A086B36306B5C_725548FF661BEA9BF8B318D6DE0D65A3 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A3C4F17BF8CB09C3DF2A086B36306B5C_D1DFAACDA915CAB777DA6BE626C028D0 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A44F4E7CB3133FF765C39A53AD8FCFDD C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\AC68F0EC5FC952A7A923830D1455D48A_2C3E2A57F4FC4E8972A90353149C7FCA C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\AC68F0EC5FC952A7A923830D1455D48A_5460A172018674FD1BB2F09B29BFAA93 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\AC68F0EC5FC952A7A923830D1455D48A_54A926F047C5E9ED8CC95EBC9148D686 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\AC68F0EC5FC952A7A923830D1455D48A_FCFC66F418C63C037A5CF64799E8FE0F C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\AC9005F5466BD463DF06D711B370595F C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B03A867CCE8C94003ED3DCC89C3DD995_A311BEB00EC8C3DC3AA3E9E3714AB61C C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B1D4D8DB6B8F8A95577A5F09D0390539_400415EBB5E3145DF4A9DA90BCA63E4A C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B3BB9C1BA2D19E090AE305B2683903A0_6F0A84CE2BA99BD19D42C92610275852 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B42E313F2D821AB5B9273588F81A55DE_D1A15199BCC0F9B8A0F830314290090D C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B681B8816EE79EAEAA5CA7DA9EC0DC58 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B8CC409ACDBF2A2FE04C56F2875B1FD6 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B90B117906B8A74C79D1BC450C2B94B1_A54F26A8A41DE52C237D54D67F12793F C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BD85B81BE34604D821EAF87C55F22BD6 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BD8A14C7C024625432CC03FE72E47EF0_56D5A51152132FA716821C1361187213 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BD8A14C7C024625432CC03FE72E47EF0_872636078BFDECCA7801B30FDCF1D3E8 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BD8A14C7C024625432CC03FE72E47EF0_CE8FCC7861C3AD5B2C06B958AD7EFCBD C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C29AA1B9D7AA8A9381D2CBB3F631AA4B_0DAD6DEE6F90D3B9E1FB7D785AB95B54 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C29AA1B9D7AA8A9381D2CBB3F631AA4B_25AFD186FF8E97F61DEAE11E102C8C7D C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C29AA1B9D7AA8A9381D2CBB3F631AA4B_33005E9CE1439A08448B3677831DEC4A C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C29AA1B9D7AA8A9381D2CBB3F631AA4B_BDCB11EDB220145E6AA04B43A6A691E0 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C437972632A488222EA069E1572887C7_9AD1C6A04DF1BBA89E35E1142E44AE70 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E7EC0C85688F4738F3BE49B104BA67 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CA7B2D59B4E9BC2D316D1AECDFC12F63_3CA74E0A123CBB3FAC884E7D489378A4 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CA7B2D59B4E9BC2D316D1AECDFC12F63_442F62E31D7538913A8A7C178BB02351 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CA7B2D59B4E9BC2D316D1AECDFC12F63_6C3560C0AC81229258617DB5E2DCE549 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CA7B2D59B4E9BC2D316D1AECDFC12F63_6F1839EFC65862DD6DC8C47E2F559EE9 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CA7B2D59B4E9BC2D316D1AECDFC12F63_7E894EE055673D354892381460F8723B C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CA7B2D59B4E9BC2D316D1AECDFC12F63_887C5B14D3A10313798BC9D6914E04D4 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CA7B2D59B4E9BC2D316D1AECDFC12F63_9F4C1DCDD33B1F186F26F25668FE9446 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CA7B2D59B4E9BC2D316D1AECDFC12F63_A3F22A5A651285965E2D6280D83B8A8E C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CA7B2D59B4E9BC2D316D1AECDFC12F63_C1E12B24931DF30EF8125657DA7A408C C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CA7B2D59B4E9BC2D316D1AECDFC12F63_D1C8DE338CE424F23183895E7A74CCDA C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CA7B2D59B4E9BC2D316D1AECDFC12F63_DC45763E07EB319604D041473985FAB1 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D0197CD123129A6D466C5F0FC1584EA2_3C6C7459D4DE3406C1DF8350D5E28578 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D0197CD123129A6D466C5F0FC1584EA2_A07B271B210AFDA931AF4C4F232C0F42 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D41693DAFE5DEF0C36959FF1FCEF5C96 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D473E9C373099A94D5057303FDF0EE65_39B17C5C97CD64B7EE78FBDFB2D76D63 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D473E9C373099A94D5057303FDF0EE65_96368193DB9EC7266694A8BFD367AE68 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DBC3362DBFFA16F9E029A084D14E23BE_A6D84554AA391CDF15CBB81FDFEB4FE4 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E5F99F8CA677C9C5793DF9906EE2DCB6_B7A2A485FC61D92650C9D33F1FBC5CB1 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E5F99F8CA677C9C5793DF9906EE2DCB6_FA69CC746B175989B0FDC2BBFA2BD56B C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E6DAA7489C9999D36D1B356E8A295618_33FFC905DCEFE27BD00B1C864B56ED1F C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E73301198D57B204A7AC7683421E6AA2_368B0C0F5792CD75E7493A4B89330809 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EE44ECA143B76F2B9F2A5AA75B5D1EC6_847118BE2683F0C241D1D702F3A3F5F9 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F1C855F22DF0DAE61534ED3C04DC4B58 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F4D9C889B7AEBCF4E1A2DAABC5C3628A_00F5AF71618C982E40FC3BCCA46C1720 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F4D9C889B7AEBCF4E1A2DAABC5C3628A_7C51EAC10E1F61E24EF3E67B7197082C C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F6DEB9C1F3251400F7D6EB743CB14FB4 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F72943F1E01540BBACB5396C76DD6AAA C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F90F18257CBB4D84216AC1E1F3BB2C76 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F99CAC852E278659C1E715225DD11A14_C5CBD28A214631231AF2C849ED7E6529 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FA2ED4B1D143A5F4D252B12985E8E892_BE47D82D5F48CA33260EF1F487D1A9D3 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FB788E090BC1F3AA2FBC9E8FB2859601 C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FCD2CC3451EF5F3DB8D4B7DD511B2F77_15830152B5AC9D41315595DF755D816F C:\Users\Berthalie\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FCEA474F228C13CD0DAD678431D0ACFC C:\Users\BERTHA~1\AppData\Local\Temp\avgnt.exe C:\Users\BERTHA~1\AppData\Local\Temp\jrt C:\Users\BERTHA~1\AppData\Local\Temp\updater_temp_truesuite C:\Windows\TEMP\ACLM C:\Windows\TEMP\lpksetup-20140415-182028-0.log C:\Windows\TEMP\lpksetup-20140416-085538-0.log C:\Windows\TEMP\lpksetup-20140416-191412-0.log C:\Windows\TEMP\lpksetup-20140417-090736-0.log C:\Windows\TEMP\lpksetup-20140417-165427-0.log C:\Windows\TEMP\lpksetup-20140417-215049-0.log C:\Windows\TEMP\lpksetup-20140418-093351-0.log C:\Windows\TEMP\ACLM\ACLMLog.txt C:\Windows\Prefetch\7ZA.EXE-02AD3940.pf C:\Windows\Prefetch\ADWCLEANER.EXE-5ED85AFA.pf C:\Windows\Prefetch\AgAppLaunch.db C:\Windows\Prefetch\AgCx_S1_S-1-5-21-3010290874-4165481152-1425161321-1000.snp.db C:\Windows\Prefetch\AgCx_SC1.db C:\Windows\Prefetch\AgCx_SC1.db.trx C:\Windows\Prefetch\AgCx_SC2.db C:\Windows\Prefetch\AgCx_SC3_A1B18C7DB09A93EF.db C:\Windows\Prefetch\AgCx_SC4.db C:\Windows\Prefetch\AgGlFaultHistory.db C:\Windows\Prefetch\AgGlFgAppHistory.db C:\Windows\Prefetch\AgGlGlobalHistory.db C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-3010290874-4165481152-1425161321-1000.db C:\Windows\Prefetch\AgGlUAD_S-1-5-21-3010290874-4165481152-1425161321-1000.db C:\Windows\Prefetch\AgRobust.db C:\Windows\Prefetch\ATBROKER.EXE-2E15A492.pf C:\Windows\Prefetch\AUDIODG.EXE-BDFD3029.pf C:\Windows\Prefetch\AVCENTER.EXE-FD66D2A7.pf C:\Windows\Prefetch\AVWEBG7.EXE-A56FAA5E.pf C:\Windows\Prefetch\AVWSC.EXE-9DE67EBB.pf C:\Windows\Prefetch\CCC.EXE-B637C9BF.pf C:\Windows\Prefetch\CCUAC.EXE-3A725DBA.pf C:\Windows\Prefetch\CHECKUPDATE.EXE-E815963F.pf C:\Windows\Prefetch\CHROME.EXE-D999B1BA.pf C:\Windows\Prefetch\CLI.EXE-BB402402.pf C:\Windows\Prefetch\CMD.EXE-4A81B364.pf C:\Windows\Prefetch\CMD.EXE-AC113AA8.pf C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf C:\Windows\Prefetch\CONSENT.EXE-531BD9EA.pf C:\Windows\Prefetch\CSC.EXE-A3B8D95D.pf C:\Windows\Prefetch\CUT.DAT-761EFD65.pf C:\Windows\Prefetch\CVTRES.EXE-069169FB.pf C:\Windows\Prefetch\DEFRAG.EXE-588F90AD.pf C:\Windows\Prefetch\DLLHOST.EXE-40DD444D.pf C:\Windows\Prefetch\DLLHOST.EXE-4F28A26F.pf C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf C:\Windows\Prefetch\DLLHOST.EXE-61F58501.pf C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf C:\Windows\Prefetch\DLLHOST.EXE-76936ED5.pf C:\Windows\Prefetch\DLLHOST.EXE-A8DE6D5B.pf C:\Windows\Prefetch\DLLHOST.EXE-E7777CC4.pf C:\Windows\Prefetch\DWM.EXE-6FFD3DA8.pf C:\Windows\Prefetch\ERUNT.EXE-4693F4DE.pf C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf C:\Windows\Prefetch\FC.EXE-F6221E79.pf C:\Windows\Prefetch\FILTERAPP_C64.EXE-0C450165.pf C:\Windows\Prefetch\FIND.EXE-9AADDA11.pf C:\Windows\Prefetch\FINDSTR.EXE-6C611AA6.pf C:\Windows\Prefetch\FIREFOX.EXE-18ACFCFF.pf C:\Windows\Prefetch\FLASHPLAYERPLUGIN_12_0_0_77.E-4466A2F5.pf C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-216D9C35.pf C:\Windows\Prefetch\GOOGLEUPDATE.EXE-97239F27.pf C:\Windows\Prefetch\GOOGLEUPDATE.EXE-B95715F5.pf C:\Windows\Prefetch\HPCASLNOTIFICATION.EXE-F1274B82.pf C:\Windows\Prefetch\HPCMSRV.EXE-90C8761B.pf C:\Windows\Prefetch\HPCONNECTIONMANAGER.EXE-4032C2F3.pf C:\Windows\Prefetch\HPSA_SERVICE.EXE-AD6579F0.pf C:\Windows\Prefetch\HPSFREPORT.EXE-F3375220.pf C:\Windows\Prefetch\HPTASKBAR3.EXE-A6188DE5.pf C:\Windows\Prefetch\IASTORDATAMGRSVC.EXE-C086B157.pf C:\Windows\Prefetch\IGFXSRVC.EXE-96A493A4.pf C:\Windows\Prefetch\IGFXTRAY.EXE-C444237E.pf C:\Windows\Prefetch\IPMGUI.EXE-F9CAB886.pf C:\Windows\Prefetch\JRT.EXE-5FE06FAC.pf C:\Windows\Prefetch\Layout.ini C:\Windows\Prefetch\LMS.EXE-8C70F87D.pf C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf C:\Windows\Prefetch\LPKSETUP.EXE-90F505D8.pf C:\Windows\Prefetch\MEGABROWSE.BROWSERADAPTER.EXE-3EB2F119.pf C:\Windows\Prefetch\MOM.EXE-42E9F9DF.pf C:\Windows\Prefetch\MSCORSVW.EXE-57D17DAF.pf C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf C:\Windows\Prefetch\MSFEEDSSYNC.EXE-6E6FBDF4.pf C:\Windows\Prefetch\NCPLUGINUPDATER.EXE-FC819644.pf C:\Windows\Prefetch\NET.EXE-40D48057.pf C:\Windows\Prefetch\NET1.EXE-3D280034.pf C:\Windows\Prefetch\NIRCMD.DAT-9966FF6A.pf C:\Windows\Prefetch\NOTEPAD.EXE-1605FA5B.pf C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf C:\Windows\Prefetch\PfSvPerfStats.bin C:\Windows\Prefetch\PING.EXE-371F41E2.pf C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-F1B02F03.pf C:\Windows\Prefetch\PRESENTATIONFONTCACHE.EXE-73BE9E78.pf C:\Windows\Prefetch\ReadyBoot C:\Windows\Prefetch\REG.EXE-4978446A.pf C:\Windows\Prefetch\REGEDIT.EXE-2023FAA8.pf C:\Windows\Prefetch\REGSVR32.EXE-D5170E12.pf C:\Windows\Prefetch\RICONMAN.EXE-9FED550E.pf C:\Windows\Prefetch\RUNDLL32.EXE-411A328D.pf C:\Windows\Prefetch\RUNDLL32.EXE-A3E35360.pf C:\Windows\Prefetch\RUNDLL32.EXE-DE9673F9.pf C:\Windows\Prefetch\RUNONCE.EXE-D0649312.pf C:\Windows\Prefetch\SC.EXE-1CF1DE92.pf C:\Windows\Prefetch\SCHTASKS.EXE-5CA45734.pf C:\Windows\Prefetch\SDCLT.EXE-E10B972A.pf C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf C:\Windows\Prefetch\SEARCHINDEXER.EXE-4A6353B9.pf C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf C:\Windows\Prefetch\SED.DAT-F9953495.pf C:\Windows\Prefetch\SFTGC.EXE-AC281797.pf C:\Windows\Prefetch\SHORTCUT.DAT-5F3E1825.pf C:\Windows\Prefetch\SORT.EXE-522F521C.pf C:\Windows\Prefetch\SPPSVC.EXE-B0F8131B.pf C:\Windows\Prefetch\SVCHOST.EXE-007FEA55.pf C:\Windows\Prefetch\SVCHOST.EXE-3AB35CA7.pf C:\Windows\Prefetch\SVCHOST.EXE-6168E4A3.pf C:\Windows\Prefetch\SVCHOST.EXE-7AC6742A.pf C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf C:\Windows\Prefetch\SVCHOST.EXE-80F4A784.pf C:\Windows\Prefetch\SVCHOST.EXE-C871F054.pf C:\Windows\Prefetch\SVCHOST.EXE-E2C2633A.pf C:\Windows\Prefetch\SYNTPENH.EXE-E6DC1353.pf C:\Windows\Prefetch\SYNTPHELPER.EXE-0A20AAC4.pf C:\Windows\Prefetch\SYSTPLSERVICE.EXE-310A5EF4.pf C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf C:\Windows\Prefetch\TASKHOST.EXE-7238F31D.pf C:\Windows\Prefetch\TASKKILL.EXE-E0105477.pf C:\Windows\Prefetch\TASKLIST.EXE-178413B7.pf C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf C:\Windows\Prefetch\UNS.EXE-E6E49771.pf C:\Windows\Prefetch\UNSECAPP.EXE-A02905A6.pf C:\Windows\Prefetch\UPDATE.EXE-0D8A637E.pf C:\Windows\Prefetch\UPDATEMEGABROWSE.EXE-285323C0.pf C:\Windows\Prefetch\UPDATERSTARTUPUTILITY.EXE-E056967B.pf C:\Windows\Prefetch\UPDATETASK.EXE-0A2B24B8.pf C:\Windows\Prefetch\UPDRGUI.EXE-D0FBFF97.pf C:\Windows\Prefetch\USERINIT.EXE-2257A3E7.pf C:\Windows\Prefetch\UTILMEGABROWSE.EXE-3C226768.pf C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf C:\Windows\Prefetch\WEVTUTIL.EXE-400D93E8.pf C:\Windows\Prefetch\WGET.DAT-179BA804.pf C:\Windows\Prefetch\WIRELESSOFFMSG.EXE-286C32A5.pf C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf C:\Windows\Prefetch\WMPNETWK.EXE-D9F2A96F.pf C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf C:\Windows\Prefetch\WSQMCONS.EXE-118B52B7.pf C:\Windows\Prefetch\ReadyBoot\Trace1.fx C:\Windows\Prefetch\ReadyBoot\Trace10.fx C:\Windows\Prefetch\ReadyBoot\Trace2.fx C:\Windows\Prefetch\ReadyBoot\Trace8.fx C:\Windows\Prefetch\ReadyBoot\Trace9.fx Corbeille vidée. Fin du rapport. 2ème scan: Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 18/04/2014 Scan Time: 13:39:35 Logfile: MAB 18 04 2014.txt Administrator: Yes Version: 2.00.1.1004 Malware Database: v2014.04.18.03 Rootkit Database: v2014.03.27.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Chameleon: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Berthalie Scan Type: Threat Scan Result: Completed Objects Scanned: 270549 Time Elapsed: 3 hr, 26 min, 49 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Shuriken: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 30 PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{FBC322D5-407E-4854-8C0B-555B951FD8E3}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0400EBCA-042C-4000-AA89-9713FBEDB671}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0BD19251-4B4B-4B94-AB16-617106245BB7}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{44B29DDD-CF7A-454A-A275-A322A398D93F}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B2DB115C-8278-4947-9A07-57B53D1C4215}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B97FC455-DB33-431D-84DB-6F1514110BD5}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E72E9312-0367-4216-BFC7-21485FA8390B}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0400EBCA-042C-4000-AA89-9713FBEDB671}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0BD19251-4B4B-4B94-AB16-617106245BB7}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{44B29DDD-CF7A-454A-A275-A322A398D93F}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B2DB115C-8278-4947-9A07-57B53D1C4215}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B97FC455-DB33-431D-84DB-6F1514110BD5}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E72E9312-0367-4216-BFC7-21485FA8390B}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{FBC322D5-407E-4854-8C0B-555B951FD8E3}, Quarantined, [00cb69c2b6c5da5cc3f30447be4458a8], PUP.Optional.MegaBrowse.A, HKLM\SOFTWARE\WOW6432NODE\Mega Browse, Quarantined, [4c7ff833aecdd561f2d1353f778b7987], PUP.Optional.MegaBrowse.A, HKU\S-1-5-21-3010290874-4165481152-1425161321-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Mega Browse, Quarantined, [438856d5710ad363d2f04f25bd45ca36], Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 5 PUP.Optional.DomaIQ, C:\Users\Berthalie\Downloads\Java.exe, Quarantined, [cffc1a113f3c7cbadda50e12fb06de22], Adware.InstallBrain, C:\Users\Berthalie\Downloads\RocketPDFSetup.exe, Quarantined, [8843dd4ed4a7da5c1080cb3736cbc838], PUP.Optional.Vittalia, C:\Users\Berthalie\Downloads\installer_adobe_photoshop_cs5_12_0_3_French.exe, Quarantined, [15b668c39dde7db9d9a888c827da7d83], PUP.Optional.MegaBrowse.A, C:\Users\Berthalie\AppData\Roaming\Mozilla\Firefox\Profiles\4dajxhn7.default\extensions\{29b136c9-938d-4d3d-8df8-d649d9b74d02}.xpi, Quarantined, [3299d45743380f2747187ef58b777b85], PUP.Optional.MySearchDial.A, C:\Users\Berthalie\AppData\Local\Google\Chrome\User Data\Default\preferences, Good: (), Bad: ( "startup_urls": [ "http://start.mysearchdial.com/?f=1&a=tele_14_12_ie&cd=2XzuyEtN2Y1L1Qzu0E0Czy0AyByEyEtA0DyC0B0BtBtC0AyEtN0D0Tzu0SzztCtAtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyDzztDtByDtCyCyCtGyD0AyBzytG0CyDtAtCtG0EtBzyyCtGyCzytBtCzyzz0CyEzy0DtB0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtC0EtA0FyDtA0FtG0D0B0DtDtGtDyB0BtBtG0AzyzyzztGyDtA0F0B0E0Dzz0D0C0D0BtD2Q&cr=1694690602&ir=", "http://feed.snapdo.com/?p=mKO_AwFzXIpYRaHk7fb-MO5XCXXVn8iDR8pW-E-OJbVqOPUTceunT9xDBqTAsjTjtdfC1z1hOX49TO5ZCPn_aBY2iYz3YKVLF89WMTB7iByBoy9hjW4qaNe1YW_ENzzV22LRv3PSt_J-jBqboL9fQNq2pKPZr8Wr7oL4CsXMfNxyLYS22sX98IiYaNERrx5AOZv-7Nkvj92PSBU, " ],), Replaced,[f2d981aa8dee75c12c63c29123e11de3] Physical Sectors: 0 (No malicious items detected) (end)
  6. platinium
    PS : le rapport marque Mega browse comme supprimé mais les fenêtres Mega browse s'ouvrent encore.
  7. platinium
    Merci pour ces informations je ne savais pas du tout. J'avais tendance effectivement à télécharger sur ces sites lorsque j'avais un problème. J'ai essayé de me débrouiller seul mais j'ai fait pire que mieux. Voici le rapport de Adw cleaner: # AdwCleaner v3.023 - Rapport créé le 17/04/2014 à 21:48:27 # Mis à jour le 01/04/2014 par Xplode # Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits) # Nom d'utilisateur : Berthalie - BERTHALIE-HP # Exécuté depuis : C:\Users\Berthalie\Downloads\adwcleaner.exe # Option : Nettoyer ***** [ Services ] ***** [#] Service Supprimé : Update Mega Browse [#] Service Supprimé : Util Mega Browse ***** [ Fichiers / Dossiers ] ***** Dossier Supprimé : C:\Program Files (x86)\HiDefMedia Dossier Supprimé : C:\Program Files (x86)\LPT [!] Dossier Supprimé : C:\Program Files (x86)\Mega Browse Dossier Supprimé : C:\Users\Berthalie\AppData\Local\LPT Dossier Supprimé : C:\Users\Berthalie\AppData\Local\Smartbar Dossier Supprimé : C:\Users\Berthalie\AppData\Roaming\Tlapia Fichier Supprimé : C:\Users\Public\Desktop\eBay.lnk Fichier Supprimé : C:\Users\Berthalie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage Fichier Supprimé : C:\Windows\Tasks\MySearchDial.job Fichier Supprimé : C:\Windows\System32\Tasks\MySearchDial ***** [ Raccourcis ] ***** ***** [ Registre ] ***** Clé Supprimée : HKLM\SOFTWARE\Classes\*\shell\filescout Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4E6CD411-CE62-4584-97FF-6AFBCF6900AF} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E6CD411-CE62-4584-97FF-6AFBCF6900AF} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E6CD411-CE62-4584-97FF-6AFBCF6900AF} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4E6CD411-CE62-4584-97FF-6AFBCF6900AF} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8} Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Clé Supprimée : HKLM\Software\Vittalia ***** [ Navigateurs ] ***** -\\ Internet Explorer v10.0.9200.16866 Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page] -\\ Mozilla Firefox v28.0 (fr) [ Fichier : C:\Users\Berthalie\AppData\Roaming\Mozilla\Firefox\Profiles\4dajxhn7.default\prefs.js ] -\\ Google Chrome v34.0.1847.116 [ Fichier : C:\Users\Berthalie\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [5744 octets] - [17/04/2014 21:47:42] AdwCleaner[s0].txt - [4982 octets] - [17/04/2014 21:48:27] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5042 octets] ##########
  8. platinium
    Voici le résultat du scan: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 7 Home Premium x64 Ran by Berthalie on 17/04/2014 at 17:18:27,90 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3004627E-F8E9-4E8B-909D-316753CBA923} Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escorteng.dll Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortlbr.dll Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exe Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\mysearchdial Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installcore Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.mysearchdialesrvc Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.mysearchdialesrvc.1 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mysearchdial.mysearchdialappcore Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mysearchdial.mysearchdialappcore.1 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mysearchdial.mysearchdialdskbnd Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mysearchdial.mysearchdialdskbnd.1 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mysearchdial.mysearchdialhlpr Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mysearchdial.mysearchdialhlpr.1 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_pour_getdataback-for-ntfs_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_pour_getdataback-for-ntfs_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_getdataback-for-ntfs_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_getdataback-for-ntfs_RASMANCS Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A37E4D24-D27B-4851-A3DB-8004E9B14C66} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{A37E4D24-D27B-4851-A3DB-8004E9B14C66} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} ~~~ Files Successfully deleted: [File] C:\Windows\syswow64\shoE3F8.tmp ~~~ Folders Successfully deleted: [Folder] "C:\Users\Berthalie\AppData\Roaming\file scout" Successfully deleted: [Folder] "C:\Users\Berthalie\AppData\Roaming\getrighttogo" Successfully deleted: [Folder] "C:\Users\Berthalie\AppData\Roaming\mysearchdial" Successfully deleted: [Folder] "C:\Users\Berthalie\appdata\locallow\smartbar" Successfully deleted: [Folder] "C:\Program Files (x86)\mysearchdial" Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin" Successfully deleted: [Empty Folder] C:\Users\Berthalie\appdata\local\{1D6D1C31-2C32-4933-8120-55BCCD918119} Successfully deleted: [Empty Folder] C:\Users\Berthalie\appdata\local\{36133C35-C256-4B97-8DB5-1B1AC278AD6F} Successfully deleted: [Empty Folder] C:\Users\Berthalie\appdata\local\{3A8F170A-E65D-4238-8E20-7419F0421492} Successfully deleted: [Empty Folder] C:\Users\Berthalie\appdata\local\{664884C5-58F0-4CB4-AB24-51E3DC0292B9} Successfully deleted: [Empty Folder] C:\Users\Berthalie\appdata\local\{686586E5-7380-4EC1-A51D-92EC7CD578D4} Successfully deleted: [Empty Folder] C:\Users\Berthalie\appdata\local\{6DDE13FA-181C-44C0-BCCA-21BB8FE48C87} Successfully deleted: [Empty Folder] C:\Users\Berthalie\appdata\local\{8DBAE903-7821-45F0-B591-B58F225E8FEC} Successfully deleted: [Empty Folder] C:\Users\Berthalie\appdata\local\{952AD7AF-6BBE-4C2C-89BB-06E44D8B5696} Successfully deleted: [Empty Folder] C:\Users\Berthalie\appdata\local\{A1829961-4477-45F1-9737-E904FDBF9023} Successfully deleted: [Empty Folder] C:\Users\Berthalie\appdata\local\{B471072A-7EC8-41AC-87F1-9578AE48440B} Successfully deleted: [Empty Folder] C:\Users\Berthalie\appdata\local\{BF6C8F99-A2D8-4A9B-9F80-186F8DC2B072} Successfully deleted: [Empty Folder] C:\Users\Berthalie\appdata\local\{C659B0F1-33C2-4236-A3E7-E42689134956} Successfully deleted: [Empty Folder] C:\Users\Berthalie\appdata\local\{C9A3CDDA-15E8-46B4-94E5-BCE38C619D93} Successfully deleted: [Empty Folder] C:\Users\Berthalie\appdata\local\{CACD7879-D037-4E83-BC9F-4FC217207FD7} Successfully deleted: [Empty Folder] C:\Users\Berthalie\appdata\local\{E04E8A80-A99F-4559-A930-047BC8826214} Successfully deleted: [Empty Folder] C:\Users\Berthalie\appdata\local\{E292CBE5-3601-4AC7-86E9-5C841868FEE2} Successfully deleted: [Empty Folder] C:\Users\Berthalie\appdata\local\{E3393FDD-18D7-405E-B2DC-221F8FE178C4} Successfully deleted: [Empty Folder] C:\Users\Berthalie\appdata\local\{E7A12FA3-3004-4500-9B1B-0193DDC35C26} Successfully deleted: [Empty Folder] C:\Users\Berthalie\appdata\local\{E92F2B32-9B6A-499C-BEF1-1CC4177AD26C} ~~~ FireFox Emptied folder: C:\Users\Berthalie\AppData\Roaming\mozilla\firefox\profiles\4dajxhn7.default\minidumps [6 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 17/04/2014 at 17:23:31,91 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  9. platinium
    Bonjour, Suite à un message ouvert : Software - Windows 7 - Ecran bleu de la mort - Windows 7 On m'a demandé de venir dans cette partie en premier lieu car mon ordinateur est infecté. voici un premier rapport : http://cjoint.com/?DDkuXioEw9j Merci pour votre aide Platinium
  10. platinium
    Bonjour, Voici le rapport du scan: http://cjoint.com/?DDkuXioEw9j
  11. platinium
    Bonjour, Comme apparemment il n'y avait pas de problème, j'ai réinstallé Internet Explorer. Plantage immédiat comme avant. Là je ne sais plus quoi faire. Si vous avez d'autres pistes. Merci d'avance
  12. platinium
    Bonjour, Voici les rapports CBS : Lignes avec [sR] : Lignes avec Repairing, Repaired, ou "cannot" : ============================================ LIGNES AVEC REPAIRING : ===================== ============================================ LIGNES AVEC REPAIRED : ==================== ============================================ LIGNES AVEC CANNOT : ================== Petite information qui doit avoir son importance. Vu qu'il m'était impossible de me connecter via internet explorer, je l'ai désinstallé pour installer google chrome en attendant. Merci de me dire ce que je dois faire pour la suite.
  13. platinium
    Je vous remercie pour vos conseils. L'écran bleu apparaît lorsque je clique sur le logo Internet explorer pour me connecter. J'ai lancé un chkdsk et un sfc/scannow. Le scannow a détecté des anomalies qu'il n'a pas pu résoudre : c/Windows/logs/CS/CBS.log Comment puis-je transmettre le rapport du scan? Merci d'avance
  14. platinium
    Bonjour, J'ai effectué la suppression de la mises à jour KB2670838 comme indiqué. J'ai vérifié qu'elle ne figurait plus dans les mises à jours postérieures. Mon BIOS est à jour. Le problème persiste. Auriez-vous d'autres piste? Merci
  15. platinium
    Bonjour, Je vous remercie pour votre aide. J'ai téléchargé les mises à jour et à l'issue du lancement le rapport me dit que tout est à jour. Pourtant j'ai toujours l'écran bleu lorsque je vais sur le net et je ne peux plus visualisé les vidéos du net. Avez-vous d'autres pistes? Merci
  16. platinium
    Bonjour, Je rencontre un problème d'écran bleu récurrent sous window 7 familial. L'écran devient bleu souvent lors des connexions internets. Message : PAGE_FAUL_IN_NONPAGED_AREA Technical information: ***STOP: 0x00000050.... *** igdpmd64.sys - Adress FFFFF88005AC2C75.... Puis un autre message sous windows est apparu : Problème lors du démarrage de C:/PROGRA-3/htb0jv.cpp Module spécifié introuvable. J'ai tenté un "cmd" sur le lecteur C avec la commande chkdsk, mais o, me réponds que mes droits sint restreint alors que c'est mon ordinateur personnel. Je vous remercie pour l'aide que vous voudrez bien m'apporter. Platinium
  17. platinium
    Bonjour, J'ai protégé mon PC par la version gratuite d'ANTIVIR. Cela m'a permis aujourd'hui de détecter et supprimer des virus (cheval de troie). Je souhaiterais soumettre un rapport afin de vérifier que tout est rentré dans l'ordre. Par ailleurs je souhaiterais obtenir un conseil pour l'installation d'un bon pare feu qui fonctionne avec ANTIVIR. Merci d'avance pour votre aide. Platinium
  18. platinium
    Bonjour, J'ai protégé mon PC par la version gratuite d'ANTIVIR. Cela m'a permis aujourd'hui de détecter et supprimer des virus (cheval de troie). Je souhaiterais soumettre un rapport afin de vérifier que tout est rentré dans l'ordre. Par ailleurs je souhaiterais obtenir un conseil pour l'installation ultérieur d'un bon pare feu qui fonctionne avec ANTIVIR. Merci d'avance. Platinium
  19. platinium
    Ici Houston Procédure de désinstallation Combofix, OK. Nous allons voir pour faire du ménage sur le DD. Merci pour cette mission réussie Appolo! A bientôt Over
  20. platinium
    Logfile of random's system information tool 1.06 (written by random/random) Run by Bertrand at 2010-01-21 08:26:49 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 3 GB (18%) free of 19 GB Total RAM: 1023 MB (62% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:27:01, on 21/01/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16876) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\WINDOWS\vVX3000.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\Program Files\Nikon\NkView6\NkvMon.exe C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Documents and Settings\Bertrand\Bureau\RSIT.exe C:\Documents and Settings\Bertrand\Bureau\Bertrand.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?9e5a4cf4b8ac4bf19a94b012c12aeb2a O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?9e5a4cf4b8ac4bf19a94b012c12aeb2a O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- End of file - 9882 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}] Barre d'outils MSN Search Helper - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN Search - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232] {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "OpwareSE2"=C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152] "VX3000"=C:\WINDOWS\vVX3000.exe [2006-10-13 707376] "RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928] "LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832] "LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2006-10-13 277296] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-12-15 282624] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Yahoo! Pager"=C:\Program Files\Yahoo!\Messenger\ypager.exe [2005-08-31 3084288] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208] "updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-12-23 143360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe [2007-10-23 443968] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Bertrand^Menu Démarrer^Programmes^Démarrage^SparkAngels.lnk] C:\WINDOWS\system32\javaws.exe [2009-10-11 149280] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe NkvMon.exe.lnk - C:\Program Files\Nikon\NkView6\NkvMon.exe Windows Desktop Search.lnk - C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Yahoo!\Messenger\YPager.exe"="C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger" "C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server" "C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" ======List of files/folders created in the last 1 months====== 2010-01-21 08:26:49 ----D---- C:\rsit 2010-01-20 20:05:40 ----SHD---- C:\RECYCLER 2010-01-20 19:27:23 ----A---- C:\ComboFix.txt 2010-01-20 19:01:52 ----A---- C:\Boot.bak 2010-01-20 19:01:36 ----RASHD---- C:\cmdcons 2010-01-20 18:59:05 ----A---- C:\WINDOWS\zip.exe 2010-01-20 18:59:05 ----A---- C:\WINDOWS\SWXCACLS.exe 2010-01-20 18:59:05 ----A---- C:\WINDOWS\SWSC.exe 2010-01-20 18:59:05 ----A---- C:\WINDOWS\SWREG.exe 2010-01-20 18:59:05 ----A---- C:\WINDOWS\sed.exe 2010-01-20 18:59:05 ----A---- C:\WINDOWS\PEV.exe 2010-01-20 18:59:05 ----A---- C:\WINDOWS\NIRCMD.exe 2010-01-20 18:59:05 ----A---- C:\WINDOWS\MBR.exe 2010-01-20 18:59:05 ----A---- C:\WINDOWS\grep.exe 2010-01-20 18:58:03 ----D---- C:\Qoobox 2009-12-29 08:05:36 ----A---- C:\WINDOWS\system32\javaws.exe 2009-12-29 08:05:36 ----A---- C:\WINDOWS\system32\javaw.exe 2009-12-29 08:05:36 ----A---- C:\WINDOWS\system32\java.exe ======List of files/folders modified in the last 1 months====== 2010-01-21 08:05:57 ----D---- C:\WINDOWS\temp 2010-01-21 08:05:54 ----D---- C:\WINDOWS\system32\CatRoot2 2010-01-21 00:04:19 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-01-21 00:00:07 ----D---- C:\WINDOWS\system32\drivers 2010-01-20 23:56:00 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$ 2010-01-20 19:19:25 ----D---- C:\WINDOWS 2010-01-20 19:19:25 ----A---- C:\WINDOWS\system.ini 2010-01-20 19:15:36 ----RD---- C:\Program Files 2010-01-20 19:15:36 ----D---- C:\WINDOWS\system32 2010-01-20 19:14:08 ----D---- C:\WINDOWS\AppPatch 2010-01-20 19:14:04 ----D---- C:\Program Files\Fichiers communs 2010-01-20 19:08:03 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-01-20 19:05:30 ----D---- C:\WINDOWS\system32\config 2010-01-20 19:05:11 ----D---- C:\WINDOWS\ERDNT 2010-01-20 19:01:53 ----RASH---- C:\boot.ini 2010-01-20 18:58:28 ----D---- C:\WINDOWS\Prefetch 2010-01-20 00:43:17 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-01-20 00:16:38 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$ 2010-01-14 22:45:24 ----A---- C:\WINDOWS\NeroDigital.ini 2010-01-12 07:46:19 ----SHD---- C:\WINDOWS\Installer 2010-01-12 07:46:17 ----D---- C:\Config.Msi 2009-12-29 08:05:32 ----D---- C:\Program Files\Java ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-09-05 28520] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-19 12032] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-10 56816] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-03 11868] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816] R3 E1000;Intel® PRO/1000 Adapter Driver; C:\WINDOWS\system32\DRIVERS\e1000325.sys [2003-07-11 121856] R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536] R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-03 220032] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2002-12-19 539008] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-19 26624] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-19 57600] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-19 20480] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-03 685056] S3 catchme;catchme; \??\C:\Panpan\catchme.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-19 9600] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-19 12288] S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [] S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2004-08-03 22016] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 STIrUsb;STIrUsb.sys USB-IrDA Adapter; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2001-09-24 30088] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-19 12672] S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 VX3000;VX-3000; C:\WINDOWS\system32\DRIVERS\VX3000.sys [2006-10-13 1966384] S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [2006-02-20 58288] S3 w810obex;Sony Ericsson W810 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w810obex.sys [2006-02-20 83344] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-09-05 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-09-05 185089] R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2006-03-30 96341] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2006-10-13 207664] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-07 167936] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240] S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-05 774144] S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] -----------------EOF----------------- Le Second rapport: info.txt logfile of random's system information tool 1.06 2010-01-21 08:27:03 ======Uninstall list====== -->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adaptateur USB-IrDA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{10F5D9BB-E2F2-4B18-A65D-928B73D22E6F}\SETUP.EXE" -l0x40c Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Photoshop Elements 2.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop Elements 2\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop Elements 2\Uninst.dll" Adobe Reader 7.0.9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70900000002} Apple Software Update-->MsiExec.exe /I{55FA89BD-21D3-42F7-9249-C94C0094A83C} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x40c Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE Barre d'outils MSN Search-->MsiExec.exe /X{B2CF0FAC-D52C-41D8-81E0-BFD7A3E7C84B} Canon Camera Access Library-->"C:\Program Files\Fichiers communs\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini" Canon Camera Support Core Library-->"C:\Program Files\Fichiers communs\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini" Canon Camera Window DC_DV 5 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini" Canon Camera Window DC_DV 6 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini" Canon Camera Window MC 6 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowMC\Uninst.ini" Canon G.726 WMP-Decoder-->"C:\Program Files\Fichiers communs\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini" CANON iMAGE GATEWAY Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CRWUnInstall.ini" Canon Internet Library for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CIGUnInstall.ini" Canon MovieEdit Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini" Canon MP Navigator 2.0-->"C:\Program Files\Canon\MP Navigator 2.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator 2.0\uninst.ini Canon MP170-->"C:\WINDOWS\system32\CanonMP Uninstaller Information\{91175441-4E5D-4e13-B116-828FD352CDB2}\DelDrv.exe" /U:{91175441-4E5D-4e13-B116-828FD352CDB2} /L0x000c Canon RAW Image Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini" Canon RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini" Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini Canon Utilities EOS Utility-->"C:\Program Files\Fichiers communs\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini" Canon Utilities PhotoStitch-->"C:\Program Files\Fichiers communs\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini" Canon Utilities ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini" Correctif pour Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe" Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe Correctif Windows XP - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe" Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe Cortona® VRML Client-->"C:\Program Files\ParallelGraphics\Cortona VRML Client\UNWISE32.EXE" "C:\Program Files\ParallelGraphics\Cortona VRML Client\Install.log" Dealio Toolbar v4.0.1-->MsiExec.exe /X{94C3BB3A-56A1-43DE-A242-8B41F46E97EF} DVD Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall Easy-WebPrint-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu" Free Mp3 Wma Converter V 1.81-->"C:\Program Files\Free Audio Pack\unins000.exe" Gadwin PrintScreen-->C:\Program Files\Gadwin Systems\PrintScreen\Uninstall.exe Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1} Google Earth-->MsiExec.exe /I{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90} GUILD WARS-->"C:\Program Files\GUILD WARS\Gw.exe" -uninstall HijackThis 2.0.2-->"C:\Documents and Settings\Bertrand\Bureau\HijackThis.exe" /uninstall Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} Intel® PRO Network Adapters and Drivers-->Prounstl.exe Java 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF} Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall LiveUpdate 2.6 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft LifeCam-->MsiExec.exe /X{3C137BCF-8ADC-430D-B01C-A45593AC512B} Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-040C-0000-0000000FF1CE} Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9} Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899589)-->"C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB905915)-->"C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB911567)-->"C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB912812)-->"C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB916281)-->"C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB917159)-->"C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB918899)-->"C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920214)-->"C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB922760)-->"C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923694)-->"C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB925486)-->"C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB929338)-->"C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe" monAlbumPhoto-->"C:\Program Files\monAlbumPhoto\unins000.exe" Mozilla Firefox (2.0.0.12)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC} Neat Image v6 Demo (with plug-in)-->"C:\Program Files\Neat Image\unins000.exe" Nero 7 Essentials-->MsiExec.exe /X{AAB93551-3FFE-42B2-8315-96252BBC1036} Nikon FotoShare-->C:\Program Files\Nikon\FotoShare\Uninstal.exe C:\PROGRA~1\Nikon\FOTOSH~1\INSTALL.LOG Nikon Message Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\Setup.exe" -l0x40c UNINSTALL Nikon Scan-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9AE4AC96-A5F4-4F19-9D13-066C8B3CE034}\Setup.exe" -l0x40c UNINSTALL Nikon View 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAB84E83-C8DF-4752-9DFC-2E2A48EE5E9F}\setup.exe" UNINSTALL OmniPage SE 2.0-->MsiExec.exe /I{79D5997E-BF79-48BB-8B41-9BE59C15C2D7} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe" Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe" PictureProject-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF3999BE-1A7B-4738-88AA-97BF14094A4A}\Setup.exe" -l0x40c UNINSTALL PowerArchiver-->C:\Program Files\PowerArchiver\UNINST.EXE PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall QuickTime-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C21D5524-A970-42FA-AC8A-59B8C7CDCA31} /l1036 Room Arranger (remove only)-->"C:\Program Files\Room Arranger\uninstall.exe" Security Update for Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe" Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Sweet Home 3D version 1.3-->"C:\Program Files\Sweet Home 3D\unins000.exe" Versal FileDownload ActiveX Control Trial Version-->C:\Program Files\Universal\UFileDownloadD\USetup.exe WD Diagnostics-->MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B} Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC} Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA} Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA} Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll WinHTTrack Website Copier 3.41-3-->"C:\Program Files\WinHTTrack\unins000.exe" XnView 1.92-->"C:\Program Files\XnView\unins000.exe" Yahoo! Extras-->C:\PROGRA~1\Yahoo!\Common\unyext.exe Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL Yahoo! Internet Mail-->C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\ymmapi.dll Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG ======Security center information====== AV: AntiVir Desktop ======System event log====== Computer Name: BASTON-BE Event Code: 58 Message: Erreur de syntaxe dans le fichier manifeste ou le fichier de stratégie "C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest" à la ligne 2. Record Number: 28422 Source Name: SideBySide Time Written: 20091119170401.000000+060 Event Type: erreur User: Computer Name: BASTON-BE Event Code: 61 Message: Erreur de syntaxe dans le fichier manifeste ou de stratégies "C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest" à la ligne 2. L'attribut requis version est absent de l'élément assemblyIdentity. Record Number: 28421 Source Name: SideBySide Time Written: 20091119170401.000000+060 Event Type: erreur User: Computer Name: BASTON-BE Event Code: 7036 Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : arrêté. Record Number: 28420 Source Name: Service Control Manager Time Written: 20091119072618.000000+060 Event Type: Informations User: Computer Name: BASTON-BE Event Code: 7036 Message: Le service Carte de performance WMI est entré dans l'état : en cours d'exécution. Record Number: 28419 Source Name: Service Control Manager Time Written: 20091119072615.000000+060 Event Type: Informations User: Computer Name: BASTON-BE Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Carte de performance WMI. Record Number: 28418 Source Name: Service Control Manager Time Written: 20091119072615.000000+060 Event Type: Informations User: AUTORITE NT\SYSTEM =====Application event log===== Computer Name: BASTON-BE Event Code: 4096 Message: Le service AntiVir a bien démarré! Record Number: 51442 Source Name: Avira AntiVir Time Written: 20090928072633.000000+120 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: BASTON-BE Event Code: 1800 Message: Le service Centre de sécurité Windows a démarré. Record Number: 51441 Source Name: SecurityCenter Time Written: 20090928072630.000000+120 Event Type: Informations User: Computer Name: BASTON-BE Event Code: 0 Message: Record Number: 51440 Source Name: SeaPort Time Written: 20090928072619.000000+120 Event Type: Informations User: Computer Name: BASTON-BE Event Code: 0 Message: Record Number: 51439 Source Name: RichVideo Time Written: 20090928072619.000000+120 Event Type: Informations User: Computer Name: BASTON-BE Event Code: 0 Message: Record Number: 51438 Source Name: MSCamSvc Time Written: 20090928072618.000000+120 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\QuickTime\QTSystem "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 4, GenuineIntel "PROCESSOR_REVISION"=0204 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip "QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip -----------------EOF-----------------
  21. platinium
    Ici Houston, Pour l'affichage tout est ok, j'ai trouvé comment remettre tout en place. Je vais faire la procédure que tu m'as donné. Effectivement tout semble être Ok. Merci Houston Over
  22. platinium
    Malwarebytes' Anti-Malware 1.44 Version de la base de données: 3604 Windows 5.1.2600 Service Pack 2 Internet Explorer 7.0.5730.11 20/01/2010 23:53:09 mbam-log-2010-01-20 (23-53-09).txt Type de recherche: Examen complet (A:\|C:\|D:\|E:\|G:\|) Eléments examinés: 191068 Temps écoulé: 1 hour(s), 31 minute(s), 42 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\System Volume Information\_restore{DD85C82C-4C63-4E79-B503-A6E2B1833CDA}\RP1122\A0171888.sys (Malware.Trace) -> Quarantined and deleted successfully.
  23. platinium
    Ok je fais ça, mais comme tu dis, ça va être super long. Houston Over
  24. platinium
    Bonsoir et merci beaucoup pour ton passage. Voici le rapport : 20:07:40:281 3880 TDSS rootkit removing tool 2.2.2 Jan 13 2010 08:42:25 20:07:40:281 3880 ================================================================================ 20:07:40:281 3880 SystemInfo: 20:07:40:281 3880 OS Version: 5.1.2600 ServicePack: 2.0 20:07:40:281 3880 Product type: Workstation 20:07:40:281 3880 ComputerName: BASTON-BE 20:07:40:281 3880 UserName: Bertrand 20:07:40:281 3880 Windows directory: C:\WINDOWS 20:07:40:281 3880 Processor architecture: Intel x86 20:07:40:281 3880 Number of processors: 1 20:07:40:281 3880 Page size: 0x1000 20:07:40:281 3880 Boot type: Normal boot 20:07:40:281 3880 ================================================================================ 20:07:40:296 3880 UnloadDriverW: NtUnloadDriver error 2 20:07:40:296 3880 ForceUnloadDriverW: UnloadDriverW(klmd21) error 2 20:07:40:296 3880 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\drivers\klmd.sys) returned status 00000000 20:07:40:312 3880 UtilityInit: KLMD drop and load success 20:07:40:312 3880 KLMD_OpenDevice: Trying to open KLMD Device(KLMD201000) 20:07:40:312 3880 UtilityInit: KLMD open success 20:07:40:312 3880 UtilityInit: Initialize success 20:07:40:312 3880 20:07:40:312 3880 Scanning Services ... 20:07:40:312 3880 CreateRegParser: Registry parser init started 20:07:40:312 3880 DisableWow64Redirection: GetProcAddress(Wow64DisableWow64FsRedirection) error 127 20:07:40:312 3880 CreateRegParser: DisableWow64Redirection error 20:07:40:312 3880 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\system 20:07:40:312 3880 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\config\system) returned status C0000043 20:07:40:312 3880 wfopen_ex: MyNtCreateFileW error 32 (C0000043) 20:07:40:312 3880 wfopen_ex: Trying to KLMD file open 20:07:40:312 3880 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\config\system 20:07:40:312 3880 wfopen_ex: File opened ok (Flags 2) 20:07:40:312 3880 CreateRegParser: HIVE_ADAPTER(C:\WINDOWS\system32\config\system) init success: 374918 20:07:40:312 3880 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\software 20:07:40:312 3880 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\config\software) returned status C0000043 20:07:40:312 3880 wfopen_ex: MyNtCreateFileW error 32 (C0000043) 20:07:40:312 3880 wfopen_ex: Trying to KLMD file open 20:07:40:312 3880 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\config\software 20:07:40:312 3880 wfopen_ex: File opened ok (Flags 2) 20:07:40:312 3880 CreateRegParser: HIVE_ADAPTER(C:\WINDOWS\system32\config\software) init success: 3749C0 20:07:40:312 3880 EnableWow64Redirection: GetProcAddress(Wow64RevertWow64FsRedirection) error 127 20:07:40:312 3880 CreateRegParser: EnableWow64Redirection error 20:07:40:312 3880 CreateRegParser: RegParser init completed 20:07:40:953 3880 GetAdvancedServicesInfo: Raw services enum returned 326 services 20:07:40:953 3880 fclose_ex: Trying to close file C:\WINDOWS\system32\config\system 20:07:40:953 3880 fclose_ex: Trying to close file C:\WINDOWS\system32\config\software 20:07:40:953 3880 20:07:40:953 3880 Scanning Kernel memory ... 20:07:40:953 3880 KLMD_GetSystemObjectAddressByNameW: Trying to get system object address by name \Driver\Disk 20:07:40:953 3880 DetectCureTDL3: \Driver\Disk PDRIVER_OBJECT: 86BCD910 20:07:40:953 3880 DetectCureTDL3: KLMD_GetDeviceObjectList returned 4 DevObjects 20:07:40:953 3880 20:07:40:953 3880 DetectCureTDL3: DEVICE_OBJECT: 86494C68 20:07:40:953 3880 KLMD_GetLowerDeviceObject: Trying to get lower device object for 86494C68 20:07:40:953 3880 KLMD_ReadMem: Trying to ReadMemory 0x86494C68[0x38] 20:07:40:953 3880 DetectCureTDL3: DRIVER_OBJECT: 86BCD910 20:07:40:953 3880 KLMD_ReadMem: Trying to ReadMemory 0x86BCD910[0xA8] 20:07:40:953 3880 KLMD_ReadMem: Trying to ReadMemory 0xE100AF68[0x18] 20:07:40:953 3880 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk 20:07:40:953 3880 DetectCureTDL3: IrpHandler (0) addr: F74E7C30 20:07:40:953 3880 DetectCureTDL3: IrpHandler (1) addr: 804FB8DE 20:07:40:953 3880 DetectCureTDL3: IrpHandler (2) addr: F74E7C30 20:07:40:968 3880 DetectCureTDL3: IrpHandler (3) addr: F74E1D9B 20:07:40:968 3880 DetectCureTDL3: IrpHandler (4) addr: F74E1D9B 20:07:40:968 3880 DetectCureTDL3: IrpHandler (5) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (6) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (7) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler ( addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (9) addr: F74E2366 20:07:40:968 3880 DetectCureTDL3: IrpHandler (10) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (11) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (12) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (13) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (14) addr: F74E244D 20:07:40:968 3880 DetectCureTDL3: IrpHandler (15) addr: F74E5FC3 20:07:40:968 3880 DetectCureTDL3: IrpHandler (16) addr: F74E2366 20:07:40:968 3880 DetectCureTDL3: IrpHandler (17) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (18) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (19) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (20) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (21) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (22) addr: F74E3EF3 20:07:40:968 3880 DetectCureTDL3: IrpHandler (23) addr: F74E8A24 20:07:40:968 3880 DetectCureTDL3: IrpHandler (24) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (25) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (26) addr: 804FB8DE 20:07:40:968 3880 TDL3_FileDetect: Processing driver: Disk 20:07:40:968 3880 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\disk.sys 20:07:40:968 3880 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\disk.sys 20:07:40:968 3880 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean 20:07:40:968 3880 20:07:40:968 3880 DetectCureTDL3: DEVICE_OBJECT: 8647BAB8 20:07:40:968 3880 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8647BAB8 20:07:40:968 3880 DetectCureTDL3: DEVICE_OBJECT: 867F62C8 20:07:40:968 3880 KLMD_GetLowerDeviceObject: Trying to get lower device object for 867F62C8 20:07:40:968 3880 KLMD_ReadMem: Trying to ReadMemory 0x867F62C8[0x38] 20:07:40:968 3880 DetectCureTDL3: DRIVER_OBJECT: 864AD608 20:07:40:968 3880 KLMD_ReadMem: Trying to ReadMemory 0x864AD608[0xA8] 20:07:40:968 3880 KLMD_ReadMem: Trying to ReadMemory 0xE17E1900[0x1E] 20:07:40:968 3880 DetectCureTDL3: DRIVER_OBJECT name: \Driver\USBSTOR, Driver Name: USBSTOR 20:07:40:968 3880 DetectCureTDL3: IrpHandler (0) addr: F7756218 20:07:40:968 3880 DetectCureTDL3: IrpHandler (1) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (2) addr: F7756218 20:07:40:968 3880 DetectCureTDL3: IrpHandler (3) addr: F775623C 20:07:40:968 3880 DetectCureTDL3: IrpHandler (4) addr: F775623C 20:07:40:968 3880 DetectCureTDL3: IrpHandler (5) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (6) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (7) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler ( addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (9) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (10) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (11) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (12) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (13) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (14) addr: F7756180 20:07:40:968 3880 DetectCureTDL3: IrpHandler (15) addr: F77519E6 20:07:40:968 3880 DetectCureTDL3: IrpHandler (16) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (17) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (18) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (19) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (20) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (21) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (22) addr: F77555F0 20:07:40:968 3880 DetectCureTDL3: IrpHandler (23) addr: F7753A6E 20:07:40:968 3880 DetectCureTDL3: IrpHandler (24) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (25) addr: 804FB8DE 20:07:40:968 3880 DetectCureTDL3: IrpHandler (26) addr: 804FB8DE 20:07:40:968 3880 KLMD_ReadMem: Trying to ReadMemory 0xF7752F26[0x400] 20:07:40:968 3880 TDL3_StartIoHookDetect: CheckParameters: 0, 00000000, 0 20:07:40:968 3880 TDL3_FileDetect: Processing driver: USBSTOR 20:07:40:968 3880 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 20:07:40:968 3880 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 20:07:40:984 3880 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS - Verdict: Clean 20:07:40:984 3880 20:07:40:984 3880 DetectCureTDL3: DEVICE_OBJECT: 86B73C68 20:07:40:984 3880 KLMD_GetLowerDeviceObject: Trying to get lower device object for 86B73C68 20:07:40:984 3880 KLMD_ReadMem: Trying to ReadMemory 0x86B73C68[0x38] 20:07:40:984 3880 DetectCureTDL3: DRIVER_OBJECT: 86BCD910 20:07:40:984 3880 KLMD_ReadMem: Trying to ReadMemory 0x86BCD910[0xA8] 20:07:40:984 3880 KLMD_ReadMem: Trying to ReadMemory 0xE100AF68[0x18] 20:07:40:984 3880 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk 20:07:40:984 3880 DetectCureTDL3: IrpHandler (0) addr: F74E7C30 20:07:40:984 3880 DetectCureTDL3: IrpHandler (1) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (2) addr: F74E7C30 20:07:40:984 3880 DetectCureTDL3: IrpHandler (3) addr: F74E1D9B 20:07:40:984 3880 DetectCureTDL3: IrpHandler (4) addr: F74E1D9B 20:07:40:984 3880 DetectCureTDL3: IrpHandler (5) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (6) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (7) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler ( addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (9) addr: F74E2366 20:07:40:984 3880 DetectCureTDL3: IrpHandler (10) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (11) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (12) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (13) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (14) addr: F74E244D 20:07:40:984 3880 DetectCureTDL3: IrpHandler (15) addr: F74E5FC3 20:07:40:984 3880 DetectCureTDL3: IrpHandler (16) addr: F74E2366 20:07:40:984 3880 DetectCureTDL3: IrpHandler (17) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (18) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (19) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (20) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (21) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (22) addr: F74E3EF3 20:07:40:984 3880 DetectCureTDL3: IrpHandler (23) addr: F74E8A24 20:07:40:984 3880 DetectCureTDL3: IrpHandler (24) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (25) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (26) addr: 804FB8DE 20:07:40:984 3880 TDL3_FileDetect: Processing driver: Disk 20:07:40:984 3880 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\disk.sys 20:07:40:984 3880 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\disk.sys 20:07:40:984 3880 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean 20:07:40:984 3880 20:07:40:984 3880 DetectCureTDL3: DEVICE_OBJECT: 86BA5AB8 20:07:40:984 3880 KLMD_GetLowerDeviceObject: Trying to get lower device object for 86BA5AB8 20:07:40:984 3880 DetectCureTDL3: DEVICE_OBJECT: 86B51D98 20:07:40:984 3880 KLMD_GetLowerDeviceObject: Trying to get lower device object for 86B51D98 20:07:40:984 3880 KLMD_ReadMem: Trying to ReadMemory 0x86B51D98[0x38] 20:07:40:984 3880 DetectCureTDL3: DRIVER_OBJECT: 86B52210 20:07:40:984 3880 KLMD_ReadMem: Trying to ReadMemory 0x86B52210[0xA8] 20:07:40:984 3880 KLMD_ReadMem: Trying to ReadMemory 0xE17FBB98[0x1A] 20:07:40:984 3880 DetectCureTDL3: DRIVER_OBJECT name: \Driver\atapi, Driver Name: atapi 20:07:40:984 3880 DetectCureTDL3: IrpHandler (0) addr: F73ED572 20:07:40:984 3880 DetectCureTDL3: IrpHandler (1) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (2) addr: F73ED572 20:07:40:984 3880 DetectCureTDL3: IrpHandler (3) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (4) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (5) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (6) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (7) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler ( addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (9) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (10) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (11) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (12) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (13) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (14) addr: F73ED592 20:07:40:984 3880 DetectCureTDL3: IrpHandler (15) addr: F73E97B4 20:07:40:984 3880 DetectCureTDL3: IrpHandler (16) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (17) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (18) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (19) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (20) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (21) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (22) addr: F73ED5BC 20:07:40:984 3880 DetectCureTDL3: IrpHandler (23) addr: F73F4164 20:07:40:984 3880 DetectCureTDL3: IrpHandler (24) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (25) addr: 804FB8DE 20:07:40:984 3880 DetectCureTDL3: IrpHandler (26) addr: 804FB8DE 20:07:40:984 3880 KLMD_ReadMem: Trying to ReadMemory 0xF73EA7C6[0x400] 20:07:40:984 3880 TDL3_StartIoHookDetect: CheckParameters: 0, 00000000, 0 20:07:40:984 3880 TDL3_FileDetect: Processing driver: atapi 20:07:40:984 3880 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\atapi.sys 20:07:40:984 3880 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\atapi.sys 20:07:41:031 3880 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\atapi.sys - Verdict: Clean 20:07:41:031 3880 20:07:41:046 3880 Completed 20:07:41:046 3880 20:07:41:046 3880 Results: 20:07:41:046 3880 Memory objects infected / cured / cured on reboot: 0 / 0 / 0 20:07:41:046 3880 Registry objects infected / cured / cured on reboot: 0 / 0 / 0 20:07:41:046 3880 File objects infected / cured / cured on reboot: 0 / 0 / 0 20:07:41:046 3880 20:07:41:046 3880 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\drivers\klmd.sys) returned status 00000000 20:07:41:046 3880 UtilityDeinit: KLMD(ARK) unloaded successfully Voilà, Appolon Houston Over Sinon tous les icônes du bureau sont dans un cadre blanc au lieu d'être intégré complètement au fond d'écran. Que dois-je faire pour cela? Merci
  25. platinium
    ComboFix 10-01-19.08 - Bertrand 20/01/2010 19:07:59.2.1 - x86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1023.707 [GMT 1:00] Lancé depuis: c:\documents and settings\Bertrand\Bureau\Panpan.exe AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\Dealio Toolbar c:\program files\Dealio Toolbar\config.ini c:\program files\Dealio Toolbar\DealioToolbarIE.dll c:\program files\Dealio Toolbar\Res\amazon.gif c:\program files\Dealio Toolbar\Res\apple.gif c:\program files\Dealio Toolbar\Res\barnes.gif c:\program files\Dealio Toolbar\Res\bestbuy.gif c:\program files\Dealio Toolbar\Res\dealio_logo.gif c:\program files\Dealio Toolbar\Res\dealio_logo_hover.gif c:\program files\Dealio Toolbar\Res\ebay.gif c:\program files\Dealio Toolbar\Res\icon_settings.gif c:\program files\Dealio Toolbar\Res\macys.gif c:\program files\Dealio Toolbar\Res\newegg.gif c:\program files\Dealio Toolbar\Res\overstock.gif c:\program files\Dealio Toolbar\Res\search-button-hover.gif c:\program files\Dealio Toolbar\Res\search-button.gif c:\program files\Dealio Toolbar\Res\search-chevron-hover.gif c:\program files\Dealio Toolbar\Res\search-chevron.gif c:\program files\Dealio Toolbar\Res\search_amazon.gif c:\program files\Dealio Toolbar\Res\search_dealio.gif c:\program files\Dealio Toolbar\Res\search_ebay.gif c:\program files\Dealio Toolbar\Res\search_yahoo.gif c:\program files\Dealio Toolbar\Res\separator.gif c:\program files\Dealio Toolbar\Res\target.gif c:\program files\Dealio Toolbar\Res\walmart.gif c:\program files\Dealio Toolbar\Res\widgets.xml c:\program files\Dealio Toolbar\SearchSettingsKit.exe c:\program files\Dealio Toolbar\WidgiHelper.exe c:\windows\system32\11478.exe c:\windows\system32\15724.exe c:\windows\system32\18467.exe c:\windows\system32\19169.exe c:\windows\system32\24464.exe c:\windows\system32\26500.exe c:\windows\system32\26962.exe c:\windows\system32\29358.exe c:\windows\system32\6334.exe Une copie infectée de c:\windows\system32\DRIVERS\atapi.sys a été trouvée et désinfectée Copie restaurée à partir de - Kitty ate it . ((((((((((((((((((((((((((((( Fichiers créés du 2009-12-20 au 2010-01-20 )))))))))))))))))))))))))))))))))))) . 2009-12-29 12:26 . 2009-12-29 12:31 -------- d-----w- c:\documents and settings\Bertrand\Jeux Sony Ericsson W810i 2009-12-29 07:04 . 2009-12-29 07:04 -------- d-----w- c:\documents and settings\All Users\Modèles . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-19 23:43 . 2009-09-02 20:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-01-19 23:04 . 2010-01-19 23:04 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2010-01-07 15:07 . 2009-09-02 20:48 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-07 15:07 . 2009-09-02 20:47 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-29 07:05 . 2009-01-15 18:28 -------- d-----w- c:\program files\Java 2009-12-29 07:04 . 2009-12-29 07:04 152576 ----a-w- c:\documents and settings\Bertrand\Application Data\Sun\Java\jre1.6.0_17\lzma.dll 2009-12-29 07:03 . 2009-11-25 18:38 79488 ----a-w- c:\documents and settings\Bertrand\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll 2009-12-23 17:43 . 2006-02-16 17:05 192320 -c--a-w- c:\documents and settings\Bertrand\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-12-13 20:46 . 2008-01-03 17:29 -------- d-----w- c:\documents and settings\Bertrand\Application Data\XnView 2009-12-10 18:31 . 2009-09-05 16:39 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2009-12-09 21:59 . 2009-05-08 17:42 -------- d-----w- c:\documents and settings\All Users\Application Data\albumphoto 2009-12-07 07:37 . 2006-07-09 07:10 -------- d-----w- c:\documents and settings\Bertrand\Application Data\Canon 2009-11-05 17:44 . 2004-08-19 17:44 461318 ----a-w- c:\windows\system32\perfh00C.dat 2009-11-05 17:44 . 2004-08-19 17:44 72474 ----a-w- c:\windows\system32\perfc00C.dat 2009-09-08 14:19 . 2009-09-08 14:19 27136 --sha-w- c:\program files\Thumbs.db 2007-11-24 16:58 . 2007-11-24 16:58 1271557 -c--a-w- c:\program files\wrar371fr.exe 2008-02-18 21:58 . 2007-06-07 17:02 67696 ----a-w- c:\program files\mozilla firefox\components\jar50.dll 2008-02-18 21:58 . 2007-06-07 17:02 54376 -c--a-w- c:\program files\mozilla firefox\components\jsd3250.dll 2008-02-18 21:58 . 2007-06-07 17:02 34952 ----a-w- c:\program files\mozilla firefox\components\myspell.dll 2008-02-18 21:58 . 2007-06-07 17:02 46720 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll 2008-02-18 21:58 . 2007-06-07 17:02 172144 -c--a-w- c:\program files\mozilla firefox\components\xpinstal.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Yahoo! Pager"="c:\program files\Yahoo!\Messenger\ypager.exe" [2005-08-31 3084288] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208] "updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152] "VX3000"="c:\windows\vVX3000.exe" [2006-10-13 707376] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928] "LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832] "LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2006-10-13 277296] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-12-15 282624] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-7-22 110592] Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696] NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2008-12-15 118784] NkvMon.exe.lnk - c:\program files\Nikon\NkView6\NkvMon.exe [2007-7-22 241664] Windows Desktop Search.lnk - c:\program files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe [2005-9-20 238080] [HKLM\~\startupfolder\C:^Documents and Settings^Bertrand^Menu Démarrer^Programmes^Démarrage^SparkAngels.lnk] path=c:\documents and settings\Bertrand\Menu Démarrer\Programmes\Démarrage\SparkAngels.lnk backup=c:\windows\pss\SparkAngels.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] 2006-12-23 16:05 143360 ----a-w- c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2006-01-12 13:40 155648 ----a-w- c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector] 2007-10-23 21:18 443968 ----a-w- c:\program files\Picasa2\PicasaMediaDetector.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"= "c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [05/09/2009 17:39 108289] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [17/09/2009 19:29 54752] S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 21:48 704864] S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;c:\windows\system32\drivers\usb8023.sys [19/08/2004 18:50 12672] . Contenu du dossier 'Tâches planifiées' 2009-12-31 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-08-29 13:21] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.fr/ uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} uInternet Settings,ProxyOverride = 127.0.0.1 uSearchURL,(Default) = hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR IE: &MSN Search - c:\program files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Easy-WebPrint Ajouter à la liste d'impressions - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint Impression rapide - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Imprimer - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html IE: Easy-WebPrint Prévisualiser - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html IE: Ouvrir dans un nouvel onglet d'arrière-plan - c:\program files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?9e5a4cf4b8ac4bf19a94b012c12aeb2a IE: Ouvrir dans un nouvel onglet de premier plan - c:\program files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?9e5a4cf4b8ac4bf19a94b012c12aeb2a DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab FF - ProfilePath - c:\documents and settings\Bertrand\Application Data\Mozilla\Firefox\Profiles\oyd5pplh.default\ FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll . - - - - ORPHELINS SUPPRIMES - - - - BHO-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\Dealio Toolbar\DealioToolbarIE.dll Toolbar-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\Dealio Toolbar\DealioToolbarIE.dll HKLM-Run-SearchSettings - c:\program files\Search Settings\SearchSettings.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-01-20 19:19 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'explorer.exe'(3640) c:\windows\system32\WININET.dll c:\program files\ScanSoft\OmniPageSE2.0\ophookSE2.dll c:\windows\system32\ieframe.dll c:\windows\system32\mshtml.dll c:\windows\system32\msls31.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files\Microsoft LifeCam\MSCamS32.exe c:\program files\CyberLink\Shared Files\RichVideo.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\windows\system32\wdfmgr.exe c:\program files\Yahoo!\Messenger\ymsgr_tray.exe c:\program files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe c:\program files\Canon\CAL\CALMAIN.exe c:\windows\system32\wbem\wmiapsrv.exe . ************************************************************************** . Heure de fin: 2010-01-20 19:27:22 - La machine a redémarré ComboFix-quarantined-files.txt 2010-01-20 18:27 Avant-CF: 1 997 983 744 octets libres Après-CF: 3 528 749 056 octets libres WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect multi(0)disk(0)rdisk(0)partition(2)\WINNT="Microsoft Windows 2000 Professionnel" /fastdetect Current=4 Default=4 Failed=3 LastKnownGood=5 Sets=1,2,3,4,5 - - End Of File - - 89E192EFCF7FE0A0F69F6BA803EDA103
×
×
  • Créer...